Posts


Ready or not, MS Teams' prime-time at Schools (First day of School)
4 min read

My blogging game has been off for the last few months (https://cybersecengineer.com), and that is ok, but as schools start today in my neck of the woods, I just could not resist writing this short post with my opinion.

A story of Broward Public Schools - Microsoft Teams Prime-Time

Today my kids started virtual classes, and to my surprise I noticed that they are using MS Teams to get connected, meet and collaborate. I have to be honest, I did not think MS Teams was ready for meetings and collaboration, even though I have been forced to use it at work, because all my teammates are using it.

Splunk Series III: System Administrator Class (File Structure, Settings and CLI)
4 min read

Awesome, I was able to move from those 2 slides that took a lot of content and energy out of my brain! - The slides I’m referring to are the ones you get when you attend Splunk’s class for System Administration; basically the posts (this blog) are my notes, which are an extraction of the most important content. The next post will be about a few things that I consider very important, like the settings, the directory structure and so on, so let's get at it

Splunk Series III: System Administrator Class (Installation and Recommendations)
4 min read

Splunk can be installed on Windows and Linux for Production environments. There are some tweaks that you can configure to make your environment run better and with no issues. This class makes a few recommendations that are very new to me, so I will list them here to keep adding to my notes.

Linux Settings Recommendations

Ulimit

The class recommends the use of ulimit -a to view settings, and then increase the parameters on indexers and search heads. This one seems a bit off, but here is a quick informational link about the ulimit command

PANOS - Configuring OSPF and Default Route Advertisement
5 min read

I have a very modest lab setup and have been putting the PAN-VM 100 to the test. In this case, I have 2 firewalls set up to handle the internet of the internal VMs in my lab. Here is a quick snapshot of all the junk I have been running. So I decided that I want to use the PANVM as my primary internet, due to some limitations of speed with the ASA5506X (only 250Mbps) - I’m currently running a 1Gbps internet for the lab, so I wanted to make sure I could use all my bandwidth! (I want my money and I want it now!!)

Splunk Series III: System Administrator Class (Splunk Components, Processes and Installation)
3 min read

Getting back from where we left off yesterday. Here is a quick and interesting view of the components, processes and the installation planning of the solution. I know, these posts may be repetitive in nature, but it's the foundation of a well implemented solution.

Core Components and Processes

This section is dedicated to describing all the components and processes and a brief explanation of Splunk

Search Heads
- Allow users to submit search requests using SPL (Search Processing Language)
- Distribute search requests to the indexers
- Consolidate results and render visualizations of results
- Store search-time knowledge objects (field extractions, alerts and dashboards)

Indexers
- Receive incoming data from forwarders
- Index and store data in Splunk indexes
- Search data in response to requests from Search Heads

Forwarders
- Monitor configured inputs and forward data to the indexers (best practice data collection method)
- Require minimal resources and are typically installed on the machines that produce the data

Deployment Server
- Acts as a centralized configuration manager for any number of deployment clients
- Requires running on an enterprise instance

Installation Overview

As with any installation, preparation and planning are key!

Splunk Series III: System Administrator Class (Splunk Deployment)
3 min read

As I continue being exposed to Splunk in the wild as well as in class :) - I decided to write a bit on the class that I just took.

The System Administrator Class

This class is one of the many requirements to become a Splunk Certified Architect, which is what I’m going for in the next couple of months. This class, along with the Data Administration one, is required in order to take the Administration exam.

PANOS - Configuring Snapshots of Configuration
2 min read

One thing that I really appreciate from Palo Alto is that their firewalls have this nice way to save your configuration. As I move along labbing my experience with the firewalls and products, I really wanted to highlight this.

Configuration Management

This section relates to the different functions you can use to practically save your configurations. This is very handy because you can save a known good configuration and use it at a later time.