Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Adding custom key-value pairs as part of the message in CEF format

nithin_shubhana
Explorer
‎02-13-2014 03:18 AM

Hi Team,
I would like to forward the syslog message output as CEF format and also would like to add additional custom key-value pairs and forward this message to the Thirdparty tool.

Can anyone let me know if my above need can be fulfilled by the "Splunk Real-Time Output" tool?

Thanks in advance.

Tags (2)
0 Karma
Reply

matthieu_araman
Communicator
‎04-23-2015 01:49 AM

Splunk app cef does this in a easy way (it replace Splunk realtime output app)

0 Karma
Reply

kristian_kolb
Ultra Champion
‎02-13-2014 07:29 AM

Please refrain from posting the same question several times.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...