wiki

This is an old revision of the document!

---

• Splunkforwarder doc

https://docs.splunk.com/Documentation/Splunk/9.1.1/Admin/RunSplunkassystemdservice

hardening

# cat /etc/fstab

/dev/mapper/vg_root-lv_home /home xfs defaults,nosuid,nodev 0 2
/dev/mapper/vg_root-lv_tmp /tmp xfs defaults,nosuid,noexec,nodev 0 2
/dev/mapper/vg_root-lv_var /var xfs defaults,nosuid,nodev 0 2
/dev/mapper/vg_root-lv_var_log /var/log xfs defaults,nosuid,noexec,nodev 0 2
/tmp /var/tmp none rw,noexec,nosuid,nodev,bind 0 0
tmpfs /dev/shm tmpfs rw,nodev,noexec,nosuid 0 0

# cat /etc/ssh/sshd_config
...
AllowUsers *                  
AllowGroups *                 
DenyUsers nobody              
DenyGroups ftpusers monitor   

kexalgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256    # CIS Control id 14400