Splunk
Url:- https://d3boqi1zs4oa8r.cloudfront.net/
Id:- admin@payasyougo.com
Password:- Password@1
Splunk Login details :-
zapojadmin
Shine@123
Log in to the dev server using SSH.
(We have used Mediasoup dev server for Splunk)
Steps to install and configure Splunk on a Linux server:-
Run the following commands in sequence to download, install and start the Splunk server.
Step 1:- wget -O splunk-8.2.6-a6fe1ee8894b-linux-2.6-amd64.deb "https://download.splunk.com/products/splunk/releases/8.2.6/linux/splunk-8.2.6-a6fe1ee8894b-linux-2.6-amd64.deb"
Step 2:- sudo dpkg -i splunk-8.2.6-a6fe1ee8894b-linux-2.6-amd64.deb
Step 3:- Accept the license agreement and set the Splunk server credentials
Step 4:- sudo /opt/splunk/bin/splunk start
Step 5:- Check whether the server is running
sudo /opt/splunk/bin/splunk status
Step 6:- Stop the Splunk server
sudo /opt/splunk/bin/splunk stop
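Steps 1 and 2 install the downloaded package as root without checking it. The following is an added example, not part of the original page: a check that compares the .deb against a SHA-512 checksum file before `dpkg -i` runs. The function names and the `splunk.sha512` file name are hypothetical, and the checksum file is assumed to have been obtained separately from the vendor's download page.

```bash
#!/usr/bin/env bash
# Added example: gate `sudo dpkg -i` on a SHA-512 match.

# Print the hex digest recorded for package $2 in checksum file $1.
# Accepts "SHA512(name)= hex" (openssl/BSD style) and "hex  name" (GNU style).
expected_digest() {
    local sumfile="$1" name
    name=$(basename "$2")
    awk -v n="$name" '
        index($0, "SHA512(" n ")") == 1 { print tolower($NF); exit }
        $2 == n || $2 == "*" n          { print tolower($1);  exit }
    ' "$sumfile"
}

# Return 0 only if the package matches the checksum file.
# 2 = missing file, 3 = no usable digest found, 1 = digest mismatch.
verify_pkg() {
    local pkg="$1" sumfile="$2" want got
    [ -f "$pkg" ] && [ -f "$sumfile" ] || return 2
    want=$(expected_digest "$sumfile" "$pkg")
    # Fail closed: an empty or malformed digest must never compare equal.
    case "$want" in
        *[!0-9a-f]*|"") return 3 ;;
    esac
    [ "${#want}" -eq 128 ] || return 3
    got=$(sha512sum "$pkg" | awk '{ print $1 }')
    [ "$got" = "$want" ]
}

# Usage with the file name from Step 1 (splunk.sha512 is an assumed name):
#   verify_pkg splunk-8.2.6-a6fe1ee8894b-linux-2.6-amd64.deb splunk.sha512 \
#     && sudo dpkg -i splunk-8.2.6-a6fe1ee8894b-linux-2.6-amd64.deb
```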
Go to the browser:-
Enter the IP address with the port number and fill in the credentials
![Enter Ip Address with port number](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk1.png)
![Fill credentials](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk2.png)
Connection to Splunk is successful
In the Zsuite app:-
Step 1:- Create a new service
IT CM -> IT Services ->
![It Cm -> IT Services->](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk3.png)
Click on New Service
![Click on New Service](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk4.png)
A. Fill in the service name and description
![Fill Service name, description](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk5.png)
B. Select process
To add a new process:- IT CM -> IT Process -> New Process
![For Adding new process:- IT CM ->IT Process ->New Process](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk6.png)
C. Select calendar
To add a new calendar:- Staff Scheduling -> add icon -> fill in the calendar name and select groups
![For Adding New Calendar:- staff scheduling ->add icon-> fill calender name and select groups](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk7.png)
To make a new group:- Contacts -> Groups ->
![For making new group:- Contacts -> groups ->](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk8.png)
Add group -> fill in all details and select the contacts for the group
![Add group -> Fill all details and select contact for making groups](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk9.png)
![Add group -> Fill all details and select contact for making groups 2](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk10.png)
![Add group -> Fill all details and select contact for making groups 3](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk11.png)
Note:- To create a new contact:- Contacts -> Contacts ->
Click on Add Contacts -> fill in all details
![click on add contacts -> fill all detail](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk12.png)
![click on add contacts -> fill all detail 2](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk13.png)
-> Save
The new service is now created successfully
Step 2:- Click on the service that has been generated
![click on service that has been been generated](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk14.png)
Step 3:- Integration -> Create integration -> fill in the integration name -> select integration via app -> select App Name -> Save
![Integration-> Create integration-> fill integration name-> select integration via app-> Select App Name-> Save](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk15.png)
Step 4:- The service integration is created, with the integration URL and key generated automatically
![Service integration created automatically integration url and key](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk16.png)
Step 5:- Now go to the Splunk server using its IP address
![Now go to the splunk servers using ip address](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk17.png)
Search & Reporting -> add a search on any index ->
![Search & reporting -> add search on any index ->](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk18.png)
Save as alert -> fill in the details and add the webhook URL that was auto-generated when the integration was created in the service
![save as alert -> fill the detail](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk19.png)
![and add webhook url which has been auto generated](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk20.png)
![while create integration in service](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk21.png)
You can see the created alerts under Settings -> Searches, reports and alerts
![You can see the created alerts setting->Searches, reports and alerts 1](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk22.png)
![You can see the created alerts setting->Searches, reports and alerts 2](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk23.png)
Step 6:- The alert notifications now appear in IT Event Management -> Alerts
![now we saw the notification of alerts in It Event Management-> Alerts1](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk24.png)
![now we saw the notification of alerts in It Event Management-> Alerts2](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk25.png)
Note:- Webhook URL: IT CM -> Services -> Integrations -> copy the integration URL and add it to the alert's webhook action
![Webhook url It CM-> Services->integrations->Copy this integration url and add on alert webhook](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk26.png)
Rule Set Creation in Zsuite:- Rules are created for filtering payload data.
Step 1:- IT CM -> IT Service -> click on any service -> Rule Set -> Create Rule
![Step 1:- It Cm-> IT Service-> click on any service-> Rule Set-> Create Rule](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk27.png)
![It Cm-> IT Service-> click on any service-> Rule Set-> Create Rule](https://docs.zapoj.com/wp-content/uploads/2023/04/splunk28.png)