Linux and Unix

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Linux is a widely adopted open-source operating system known for its flexibility, security, and robust performance across various computing environments. Its open-source nature allows for extensive customization and a vibrant community, making it a foundational component for servers, embedded systems, and development workstations.

Getting data in

Source	Add-ons and Apps	Guidance
Linux and Unix Similar to other operating systems, there are different types of logs can you get from Linux. Security logs. Linux security logs are a source of data that records information related to login attempts (success and failure), elevated privileges, and other security events as defined by the system’s audit policy. These logs are one of the primary tools used by security analysts to detect and investigate unauthorized activity and to troubleshoot access problems. Operating logs. Linux operating system logs are a source of data that reports on state changes in a UNIX or Linux variant operating system. This includes changes to applications, service state, and hardware events. These events are used by operations and development teams to troubleshoot and mitigate errors.	Splunk platform Splunk Add-on for Unix and Linux Splunk Add-on for Linux [1]	Configuration About the Splunk Add-on for Unix and Linux Splunk Add-on for Linux Collect Linux data (Splunk Observability Cloud) Splunk Lantern Articles Benchmarking filesystem performance on Linux-based indexers Installing Splunk Enterprise 9.x on Linux Reducing log volume with SPL2 Linux/Unix templates for Edge Processor and Ingest Processor Setting Unix profiles Securing a work-from-home organization Investigating a ransomware attack Managing nix system user account behavior Maintaining nix systems with the Splunk platform Maintaining *nix systems with Infrastructure Monitoring Creating a timebound picture of network activity Recovering lost visibility of IT infrastructure /Platform_Data_Management/Transform_Pipelines/Routing_root_user_events_to_a_special_index Troubleshooting slow Splunk platform restarts when running under systemd on Linux Detecting usage of popular Linux post-exploitation tools

Source

Add-ons and Apps

Guidance

Linux and Unix

Similar to other operating systems, there are different types of logs can you get from Linux.

Security logs. Linux security logs are a source of data that records information related to login attempts (success and failure), elevated privileges, and other security events as defined by the system’s audit policy. These logs are one of the primary tools used by security analysts to detect and investigate unauthorized activity and to troubleshoot access problems.
Operating logs. Linux operating system logs are a source of data that reports on state changes in a UNIX or Linux variant operating system. This includes changes to applications, service state, and hardware events. These events are used by operations and development teams to troubleshoot and mitigate errors.

Splunk platform

Configuration

About the Splunk Add-on for Unix and Linux
Splunk Add-on for Linux
Collect Linux data (Splunk Observability Cloud)

Splunk Lantern Articles