Data masking:
https://answers.splunk.com/answers/211998/masking-sensitive-data.html
5 main function of Splunk enterprise:
1. Index: collects data
2. Search : index based: Search language
3. Monitor, alert
4. Report, Dashboard
Process components:
Indexer
Search Head: Search langauge
Forwarder
Forwarder(client machine)-> Indexer(server machine)-> Search Head
Input->parsing->Indexing->Searching
Three roles:
- Admin: install and create knowledge objects for all users
- Power : create and share knowledge objects for user of an app and searches
- user: Only see their own knowledge objects and those shared with them
No comments:
Post a Comment