Lab 2: Integration with Splunk¶
Splunk is a 3rd-party Security Information and Event Management (SIEM) solution that is used by a large number of organizations to assimilate information and event logs from a large number of disparate sources, and store and analyze it from a single central location in order to correlate data across all devices in the organization.
In this lab, we will integrate our BIG-IPs to send data into Splunk and use Splunk to visualize and analyze the data from a single centralized location rather than viewing/analyzing it on an individual BIG-IP.
- Configuring Splunk to use the F5 Splunk app
- Configuring the BIG-IP to send analytics data to Splunk
- Notes on the F5/Splunk Integration
- Viewing the Analytics Data in Splunk