-
Notifications
You must be signed in to change notification settings - Fork 2
nick-hills/Pi-hole_splunk
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Pi-hole {http://pi-hole.net) is a Linux network-level advertisement and internet tracker blocking application which acts as a DNS sinkhole (And optionally a DHCP server), intended for use on a private network. It is designed for use on embedded devices with network capability, such as the Raspberry Pi, but can be used on other machines running Linux and cloud implementations. Pi-hole has the ability to block traditional website adverts as well as adverts in unconventional places, such as smart TVs and mobile operating system adverts This Splunk Application consumes the output logs from Pi-hole and provides CIM extractions, and a simple dashboard to display statistics github: https://github.com/nick-hills/Pi-hole_splunk Installation: 1.) Install the app from SplunkBase, or upload the package file 2.) Create an input for the log file. The following is an example you could add to inputs.conf if you are using the default paths. Be sure to set the sourcetype to pihole:log [monitor:///var/log/] whitelist = pihole\.lo.+ disabled = false sourcetype = pihole:log 3.) Marvel at the dashboards and how many requests are being blocked by Pi-hole 4.) Optionally enabled Datamodel Acceleration for the Network Resolution (DNS) datamodel, and start pivoting.
About
A Splunk app for the awesome Pi-hole
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published