Need to have someone install Syslog-NG and Splunk on a Linux host for me.
Host operating system can be found at:
[url removed, login to view]
Need the VMware instance fired up, configured for Syslog-NG & Splunk, shut down, zipped up and then FTP'd to me when completed.
The box should have the following when completed:
- Splunk 3.4.5
- Syslog-NG 3.0.1 (needs eventlog 0.2.9 from balabit)
- IP Address: [url removed, login to view] 255.255.255.0
- IPChains/IPTables configured appropriately to allow for Splunk and Syslog-NG to function
It needs to be able to receive any syslog messages from external hosts on the 192.168.x.x subnet range.
Splunk should be configured to read from Syslog-NG and from all the logs on the host itself (/var/log/messages, etc.).