Hello. My name is Isaac. Welcome to lean on Security.
Now, let's go to the
so that we can send the TCP
to access the accounts.
We're typing the root user name.
Type in the password. The default password for Kali Linux is toor. That's reverse of.
Oh, identification failure. I typed the password wrongly.
Let's just do that again
Okay, so our login is successful now.
Now the Kali Linux environment
here we have a slogan from Kali Linux.
The quieter you become, the more you are able to hear.
Okay, so the next thing we're going to do, we're going to log into the computer, my computer here, and go to the file system
so that we can access the
our syslog configuration file.
So you click on the file system.
Good. So now we go to the etc folder,
select it and scroll down to search for the
script so that we can edit it
to give us the results of the TCP
logs that we're looking out for.
Okay, so we have the scripts open,
so we're going to edit it now.
Just go to the bottom of the script here.
Let's scroll this down.
Okay, so at the bottom here, we're going to edit it.
We're going to edit this
Console his last statement. Here's a press enter.
Okay? So I'm just going to type in all the
all the scripts that
has come in together with this lab environment
typing this script here,
will run this script
TCP/IP logs
into our Splunk environment.
Okay, so I'm typing this asterisk dot asterisk here
of our name types with all file extensions
coming from this particular IP address
and also from the Splunk port number.
And so with all these done now, we can save our file our script file
go ahead and restart Kali Linux.
Just want to ensure they're saved now.
All right, so we go to root here
and try to log out of the
environment, so click Shut Down here,
Kali Linux environment is going to start in a few minutes.
Okay? So we can now log back into the
Kali Linux virtual lab.
Okay, so now we want to send
the logging message to our Splunk environment.
So we look for the command prompt here,
and we're going to type in.
It's logging, honesty
And so this message there were
This is a test of Splunk 40
So now we can go back to our
window, which has been running all this while
so that we can see the
logs that have been captured automatically
from our Kali Linux
and start searching.
So the search field now,
our search criteria.
So we type in. This is a test
that has been received from our
host, the Kali Linux lab environment.
We can see the source, which is a TCP
20,000 here, and source type, which is syslog.
The message that we typed there, which is: This is a test of Splunk 40.
So we've successfully received
the Kali Linux environment into our Splunk environment.