What would be best way to collect data from HP Devices eg WLC, Routers(HP MSR50-40) and Switches (eg. 10508,3800,5406,5820) with no addon available for HP on splunkbase. Currently we are storing logs as syslogs but if we monitor this, how splunk will parse it ?
If you have the data coming in as syslog then half the work is done. Now you just need to teach Splunk how to parse it.
One way to do that is to save 1,000 or so events in a text file and use the Add Data wizard to load that file. This offers an interactive method to try various settings to see which ones work with your data. Once you find the settings that work, copy them to the props.conf file in the app you created for your HP objects.
--- If this reply helps you, an upvote would be appreciated.