Archive
Highlighted

splunk syslog configuration

Explorer

How can I configure my splunk syslog server and client so that I can see logs for client application like apache,mysql,jboss

Tags (1)
0 Karma
Highlighted

Re: splunk syslog configuration

Contributor

I guess what you want to do is forwarding your logs to an indexer!

Basically you do following:

On the forwarding (UI) side you do following:

  • Manager » Forwarding and receiving » Forward data » Add New
  • Host(s) : < your_receiver_host:9997 >

On the receiving/indexing (UI) side you do following:

  • Manager » Forwarding and receiving » Receive data » Add New
  • Listen on ports : 9997