topic Re: TLS/SSL Syslog Splunk Support in Getting Data In https://community.splunk.com/t5/Getting-Data-In/TLS-SSL-Syslog-Splunk-Support/m-p/60432#M11983 <P>Splunk does support a TCP w/ SSL input. See <A href="http://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf">http://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf</A> . I have no experience to say how well this works with an rsyslog SSL sender.</P> <P>It does, not, however, support syslog via UDP and DTLS. But, I don't think rsyslog can do this either (I may be wrong there).</P> <P>Best practice (and my personal preference) is to still install a forwarder. It can definitely do SSL to Splunk, and can also support scripted inputs and other non-syslog data coming from those machines.</P> Fri, 25 May 2012 17:38:10 GMT dwaddle 2012-05-25T17:38:10Z TLS/SSL Syslog Splunk Support https://community.splunk.com/t5/Getting-Data-In/TLS-SSL-Syslog-Splunk-Support/m-p/60431#M11982 <P>I'm always nervous about sending plain text syslogs around the place, and rsyslog has some fantastic options (SSL and TLS). </P> <P>Does splunk support reading these connectors, or would I have to setup a client / forwarder setup on the local box to do this? </P> <P>I am not talking about a secured tunnel here. </P> Fri, 25 May 2012 10:21:00 GMT https://community.splunk.com/t5/Getting-Data-In/TLS-SSL-Syslog-Splunk-Support/m-p/60431#M11982 pacepace 2012-05-25T10:21:00Z Re: TLS/SSL Syslog Splunk Support https://community.splunk.com/t5/Getting-Data-In/TLS-SSL-Syslog-Splunk-Support/m-p/60432#M11983 <P>Splunk does support a TCP w/ SSL input. See <A href="http://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf">http://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf</A> . I have no experience to say how well this works with an rsyslog SSL sender.</P> <P>It does, not, however, support syslog via UDP and DTLS. But, I don't think rsyslog can do this either (I may be wrong there).</P> <P>Best practice (and my personal preference) is to still install a forwarder. It can definitely do SSL to Splunk, and can also support scripted inputs and other non-syslog data coming from those machines.</P> Fri, 25 May 2012 17:38:10 GMT https://community.splunk.com/t5/Getting-Data-In/TLS-SSL-Syslog-Splunk-Support/m-p/60432#M11983 dwaddle 2012-05-25T17:38:10Z