[English version below dashes ]
Bonjour à tous,
Nous utilisons Nessus dans le cadre de contrôles de conformité et souhaitons contrôler SPLUNK, mais aucun fichier d’audit basé sur les CIS Benchmark n’est fourni par Tenable.
Quelqu’un disposerait-il d’un fichier audit forgé d’après les recommandation CIS, ou de ressources permettant de créer le fichier audit en corrélation avec les recommandations CIS ?
Vous remerciant par avance.
Good morning, everyone,
We use Nessus for compliance checks and want to control SPLUNK, but no audit file based on CIS Benchmark is provided by Tenable.
Does anyone have an audit file forged based on CIS recommendations, or resources to create the audit file in correlation with CIS recommendations?
Thank you in advance.
CIS do not publish a benchmark specifically for Splunk
https://www.cisecurity.org/cis-benchmarks/
In the past we have applied the standard benchmarks for the OS (which nessus does support) and combined this with operational best practices for splunk such as:
-limited local users & bastion host access
-custom SSL certs & enforced TLS
- not running splunk as root
- etc.
Hello,
Thanks for you answer.