I'm new to Splunk - and have been asked to create a spreadsheet that my global company can use to baseline our Proof of Concept (POC),
Specifically, how do you identify what you are forwarding e.g. if I wanted to identify specific machines what is the best approach .....to identify the log type or the machine type?????? Would the below be the best approach????
And then add for example "firewall with IPS" Under "Security" ???
Or "Cisco switch" under "network"?
Security | Custom Applications | Networks | databases | Servers | Smartphones | Virtual Machines | Web Services | Sensors
... View more