All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk for Netscaler

jrod
New Member
‎02-08-2011 06:24 PM

I have installed the Splunk for Netscaler app. How do I add my Netscaler device into Splunk?

Tags (1)
0 Karma
Reply

rjyetter
Path Finder
‎03-09-2011 08:08 PM

You need to configure netscaler to send syslog to a loghost, from there you can can either use splunk or syslog or syslog-ng to capture the logs and forward to Splunk. Our current set up is the web logs are processed in real time for forensics and then FTP'd nightly to a server where Splunk consumes it. I guess it is all a matter of preference. HTH

0 Karma
Reply

splunkn
Communicator
‎02-23-2012 12:27 PM

Is it possible to have the Netscaler send directly to Splunk? I'd prefer that metod if possible as I've currently have our Netscaler setup to send ns_log direclty to Splunk but I'm not seeing any data.

Reply

nse
Explorer
‎02-08-2011 07:34 PM

You need to have splunk set up to index your logs from your NetScaler device.

To configure the app set the sourcetype of your NetScaler logs to ns_log. If your data has already been indexed under a different sourcetype you will need to create a sourcetype alias for ns_log.

0 Karma
Reply

nse
Explorer
‎02-08-2011 10:05 PM

Yes, if the logs are on a different machine than the indexer you'll have to set up forwarding or some other solution.

0 Karma
Reply

jrod
New Member
‎02-08-2011 08:23 PM

Is this set up in "Data Inputs"?

0 Karma
Reply
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...