Using Splunk® Enterprise Search Commands for Advanced Analysis of Ivanti Connect Secure© Logs
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Analyzing the logs of even the smallest Information Technology (IT) system can be a challenge, considering that such a system can generate millions of lines of log data in a very short time. Splunk® Enterprise is an industry-leading tool that allows analysis of log data, which can enhance troubleshooting capabilities, improve system performance, and improve the security posture of an IT system. Ivanti Connect Secure© (ICS) is a market-leading platform powered by the Ivanti Secure Socket Layer Virtual Private Network (SSL VPN) appliance, providing an architecture for secure access to and protection of network resources. This paper describes an approach for using Splunk Enterprise search capabilities to perform advanced data analysis of ICS logs.
- Research Organization: Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Organization: USDOE
- DOE Contract Number: AC05-00OR22725
- OSTI ID: 1872843
- Report Number(s): ORNL/TM-2022/2463
- Country of Publication: United States
- Language: English