During the Instructor demo lab, how did he connect to the Splunk management tool? AnswerUsing the target VM using port What are the main functions of Splunk, a log management and alerting tool, that were demonstrated by the Instructor and why do they help build more secure operations?

AnswerSplunk begins with indexing, which means gathering all the data from diverse locations and combining it into centralized indexes.

Before Splunk, system administrators would have had to log in many different machines to gain access to all the data using far less powerful tools. Using the indexes, Splunk can quickly search the logs from all servers and hone in on when the problem occurred.

With its speed, scale, and usability, Splunk makes determining when a problem occurred that much faster. Splunk can then drill down into the time period when the problem first occurred to determine its root cause. Alerts can then be created to head the issue off in the future. What types of Data Inputs are available in Splunk and most other log management tools?

