IT is Calling You
Welcome back! So much has happened since you’ve been gone. The IT department got hold of Stream and started configuring it, following your lead. So far, they have added their Splunk instance as a Destination and connected the firewall you added using a second Data Route and passthru Pipeline.
Having all the firewall logs in Splunk allows IT to analyze them for any issues. However, a recent email from the Director of IT notes:
To: REDACTED
Our Splunk instance is billed by the amount of data we store in it. Pouring all of our Palo Alto firewall logs into it is becoming costly. If there is any way you can help cut down on useless data and / or noise that gets sent to Splunk, we would be very grateful.
Sincerely, Steve
Director of IT
What do you know, Stream can do that! What’s more, you don’t have to do any hard work. Cribl maintains a collection of Functions, Pipelines, and Knowledge that help enrich, reduce, and organize Palo Alto traffic. All you have to do is copy and paste a URL into Stream. It will download the Pack and away we go!
Course Map
Here’s our map for today’s course:
Let’s do this!