saves logs of* a router
Basically Splunk logs (really system logs) contain information related to every activity that happens on the system (assuming it was configured correctly). This includes console logons, network logons, software install/uninstall, system updates, manually disabling/enabling components etc.
Good question. Sounds like something you shouldn't type into a search engine.
Now, THAT's funny!
Very simply put, Splunk is a logging tool that takes up to millions and multiples of millions of logs from anywhere, organizing them and giving a readable interface to view that data. These logs can be from system event logs, or actual traffic logs, to line upon line of communication on servers, network devices, and other endpoints, firewalls etc. Splunk is built to be a one-stop resource for an entire network if it is configured to do that. Can go more technical if wanted as well.
You're not dumb. These are legitimate questions. 👏
https://radiopatriot.net/2021/06/10/splunk-logs-what-are-they/#:~:text=What%20are%20splunk%20logs%20Eric%3A%20Splunk%20is%20a,changes%20across%20all%20connected%20computers%20and%20computerized%20equipment.
Depending on how a network device (routers, switches, firewalls, load balancers, servers; basically anything connected to a network) is configured, log entries can be produced at specific time intervals and with specific data points. The internal storage in a network device is limited so the device can be configured to send its log entries to an external computer, typically a high-speed server with lots and lots of data storage. A large network whose devices are producing frequent, detailed log entries can generate enormous amounts of data.
Splunk is a software system that can process that log data and make graphs and reports that make sense to humans. The reports can be customized for specific purposes, for instance, what network devices are connecting to outside computers and how much data is sent to and from that destination computer. It goes much deeper and further than that, but this is basically what Splunk does.
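A minimal version of the report the last comment describes (which inside devices talk to outside computers, and how much data moves each way), as an added example that is not from any commenter or from Splunk itself: the firewall log lines, the key=value field names and the 10.0.0.0/8 "inside" range are all constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
# Constructed sample lines in a syslog-style firewall format (not real traffic).
# Format: timestamp, device name, then key=value fields.
SAMPLE_LOGS = """\
Jun 10 09:00:01 fw-edge-1 action=allow src=10.0.1.20 dst=203.0.113.7 bytes_out=5120 bytes_in=820
Jun 10 09:00:02 fw-edge-1 action=allow src=10.0.1.20 dst=203.0.113.7 bytes_out=4096 bytes_in=512
Jun 10 09:00:03 fw-edge-1 action=allow src=10.0.1.31 dst=10.0.2.5 bytes_out=900 bytes_in=900
Jun 10 09:00:04 fw-edge-2 action=deny src=10.0.1.44 dst=198.51.100.9 bytes_out=0 bytes_in=0
Jun 10 09:00:05 fw-edge-2 action=allow src=10.0.1.44 dst=198.51.100.9 bytes_out=1048576 bytes_in=2048
Jun 10 09:00:06 fw-edge-2 this line is malformed and must not crash the report
"""

# Address space this hypothetical organisation treats as "inside" (assumption).
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
LINE_RE = re.compile(r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) (?P<kv>.*)$")

def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    fields = {"ts": m.group("ts"), "host": m.group("host")}
    for token in m.group("kv").split():
        if "=" not in token:
            return None  # not key=value: treat the whole line as malformed
        key, value = token.split("=", 1)
        fields[key] = value
    return fields

def is_internal(ip_text):
    return any(ipaddress.ip_address(ip_text) in net for net in INTERNAL_NETS)

def external_traffic_report(log_text):
    """Sum allowed bytes per (inside source, outside destination); also count unparseable lines."""
    totals = defaultdict(lambda: {"bytes_out": 0, "bytes_in": 0, "flows": 0})
    skipped = 0
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None or not all(k in f for k in ("src", "dst", "bytes_out", "bytes_in")):
            skipped += 1  # count bad input rather than silently dropping it
            continue
        if f.get("action") != "allow" or is_internal(f["dst"]):
            continue  # denied flows moved no data; inside-to-inside is not "outside"
        bucket = totals[(f["src"], f["dst"])]
        bucket["bytes_out"] += int(f["bytes_out"])
        bucket["bytes_in"] += int(f["bytes_in"])
        bucket["flows"] += 1
    return dict(totals), skipped
```

Running `external_traffic_report(SAMPLE_LOGS)` yields two inside-to-outside pairs with their byte totals and reports one unparseable line; a real deployment would read the forwarded logs from the central server rather than an inline string.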