All Apps and Add-ons

Splunk Add-0n for Squid Proxy

eholz1
Path Finder

Hello All,

has anyone used this add-on? has anyone got it to work?

I have followed the directions posted her:https://docs.splunk.com/Documentation/AddOns/released/Squid/Setup

I have a  remote virtual machine that is our squid/proxy. I have splunk forwarder installed  on it. I am using the "free" splunk server. I have installed the splunk universal forwarder on the squid/proxy. it forwards data to my free splunk. I configured my squid.conf file for both the recommened logformat and the standard format. I only get garbage - cooked data, etc no squid fields like "src_ip" etc. Can I assume this just does not work - and just forward the squid log via syslog-ng, etc.

Please let me know,

 

Thanks

Eric W.

 

 

 

Labels (3)
Tags (1)
0 Karma

eholz1
Path Finder

Thanks for the help on this. all is well, works fine

0 Karma
Get Updates on the Splunk Community!

Filtering logs before indexing using transforms.conf and props.conf creates ingestion ...

Filtering logs before indexing using transforms.conf and props.conf creates ...

Timecharts look like very flat

<span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Jennifer_0-1656485114286.png" ...

Why getting timeout error while adding data to the Splunk cloud index from REST API?

Hello Team,<BR /><BR />I am getting timeout error while adding data to Splunk cloud index from REST API. I am ...