Build Your Lab: Installing Splunk Server and Forwarders

This video is part of Blue Cape Security's free "Build Your Lab" tutorials. https://bluecapesecurity.com/build-your-lab/splunk-lab-installation In this video tutorial we are demonstrating how to install a Splunk server and clients within your lab environment in order to forward Windows event logs to your server in real-time. We’ll do this in our Medium Lab build, which includes a Windows client and Windows Domain Controller, but instructions apply to any Windows system. The Splunk server is going to be installed on our host system, which is also Windows based. We’ll be switching to the Splunk Free license that won’t expire. Alternatively, you can apply for a developer license. To download the server enterprise installation and forwarder files, you need to have a Splunk account. Splunk enterprise: https://www.splunk.com/en_us/download/splunk-enterprise.html Splunk forwarders: https://www.splunk.com/en_us/download/universal-forwarder.html 𝗙𝗼𝗹𝗹𝗼𝘄 𝘂𝘀: Discord: https://discord.gg/WKsaGE2CV3 Twitter: https://twitter.com/bluecapesec LinkedIn: https://www.linkedin.com/company/bluecapesecurity Visit https://www.bluecapesecurity.com for more free tutorials and blue team training.