Splunk’ing IBM Domino

[Update: I never succeeded in integrating Domino with Splunk. I encountered license issues and never moved beyond some test data before moving on from an environment containing Lotus Domino. Sorry folks.]

I’ve started integrating IBM Domino logs into Splunk. I am blogging about it because I can’t find anyone who has ever Splunk’ed (or SIEM’ed) Lotus Notes logs. I suspect part of that issue may be that I rarely find people who admit to using Lotus Notes.

Are the logs any good?  We will find out.  Right now I’ve got a Universal Forwarder installed on two IBM Domino servers.  One is a mail server and one is an IMC / IBM Mobile Connect server.

My plan is to build a security-focused dashboard in Splunk.
