Skip to content
/ SA-pihole Public

PiHole/dnsmasq search add-on for Splunk

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yorokobi/SA-pihole

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
default
default
 
 
metadata
metadata
 
 
static
static
 
 
README.md
README.md
 
 
app.manifest
app.manifest
 
 

Repository files navigation

PiHole/dnsmasq Statistics Search Add-On for Splunk

This is adapted from the TA-pihole add-on on splunkbase.splunk.com

This add-on uses data received by a Splunk Connect for Syslog (SC4S) container.

Configure dnsmasq

Create /etc/dnsmasq.d/99-pihole.conf with the following entries:

log-facility=DAEMON
log-queries=extra

Ensure your syslog configuration is set up to forward to your syslog receiver.

I have PiHole running on a Raspberry Pi with rsyslog. In my /etc/rsyslog.conf file, I added the following entry at the top of the RULES block.

*.*                 @192.168.0.19:514

Change 192.168.0.19 to the IP or hostname of your syslog (SC4S) receiver.

About

PiHole/dnsmasq search add-on for Splunk

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •