Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it possible to send logs from Splunk Enterprise server to ELK?

harunglec
New Member
‎11-22-2018 03:21 AM

I want to send incoming logs to external server like ELK from Splunk Instance. Generally, In documentation only "how Splunk forwarders can send to third party systems" is written. Is it possible to send incoming logs from Splunk server to external systems? And How?

Tags (1)
0 Karma
Reply

harunglec
New Member
‎11-23-2018 05:09 AM

I want to use Splunk Enterprise as our main SIEM production. But to run some scripts and use logs in our R&D activities, We want to send logs from Splunk Enterprise Server to ELK. We have done this but Splunk sent logs parsed. So we couldnt see raw data. If is it possible we want to get logs in JSON format.

0 Karma
Reply

Richfez
SplunkTrust
SplunkTrust
‎11-22-2018 06:50 PM

I think the section of the docs you want is the route and filter data. Specifically, maybe, this part of it about sending data to third parties.

If those aren't what you need, could you provide a bit more information as to why not, or provide more specifics about exactly what you are trying to do so we can try to modify those for your needs a bit?

Thanks and Happy Splunking,
Rich

0 Karma
Reply
Get Updates on the Splunk Community!

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...

Updated Team Landing Page in Splunk Observability

We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The ...

New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...

Regardless of where you are in Splunk Observability, you can search for relevant APM targets including service ...