Skip to content
/ SplunkAutomation Public

This repository contains Python scripts for forwarding system logs (Application, Security, and System) from both Windows and Linux machines to a Splunk server over TCP.

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AbdinasirM/SplunkAutomation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

8 Commits
Linux_version
Linux_version
Β 
Β 
Windows_version
Windows_version
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

Splunk Log Forwarding - Overview

This repository contains Python scripts for forwarding system logs (Application, Security, and System) from both Windows and Linux machines to a Splunk server over TCP.

πŸ“‚ Project Structure

/  
β”‚  
β”œβ”€β”€ Linux_version/  
β”‚   β”œβ”€β”€ application_log.py  
β”‚   β”œβ”€β”€ security_log.py  
β”‚   β”œβ”€β”€ system_log.py
β”‚   β”œβ”€β”€ README.md  
β”‚   └── main.py  
β”‚  
β”œβ”€β”€ Windows_version/  
β”‚   β”œβ”€β”€ application_log.py  
β”‚   β”œβ”€β”€ security_log.py  
β”‚   β”œβ”€β”€ system_log.py
β”‚   β”œβ”€β”€ README.md
β”‚   └── main.py  
β”‚  
└── README.md

How It Works

  • Windows Logs – Collected using win32evtlog to extract Event Viewer logs.
  • Linux Logs – Logs are retrieved using journalctl and dmesg commands.
  • Log Upload – Logs are sent to Splunk over TCP in JSON format.
  • Automation – The main.py script in both folders triggers all log scripts at once.

πŸ› οΈ Setup

  • Windows – Requires Python 3, pywin32, and Administrator privileges.
  • Linux – Requires Python 3, journalctl, and dmesg.

πŸ“˜ Instructions

  • Follow the platform-specific README files in the windows and linux folders for installation and setup.
  • Update Splunk server IP and port in each script before running.

Contributions and suggestions are welcome! 🚧

About

This repository contains Python scripts for forwarding system logs (Application, Security, and System) from both Windows and Linux machines to a Splunk server over TCP.

Topics

windows linux splunk python3

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages