Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do you forward Tripwire log messages to Splunk Cloud?

Michael_Carlisl
Explorer
‎09-26-2016 10:16 AM

I'm trying to view/send Tripwire logs to my Splunk Cloud instance. There is an option in Tripwire to forward logs to a TCP host and port. I configured this to point to my Splunk instance, but cannot see the logs anywhere. Is there some special repository it goes into to view these logs? Do I need to do something extra (i.e. configure the Splunk forwarder to actually send the log files instead of Tripwire)?

Thanks!
Michael

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Michael_Carlisl
Explorer
‎09-29-2016 09:20 AM

Ended up just setting the forwarder to pick up the Tripwire syslog...

https://answers.splunk.com/answers/72901/how-to-convert-a-splunk-universal-forwarder-in-intermediary...

Best,
Michael

View solution in original post

Reply
Solved! Jump to solution
Solution

Michael_Carlisl
Explorer
‎09-29-2016 09:20 AM

Ended up just setting the forwarder to pick up the Tripwire syslog...

https://answers.splunk.com/answers/72901/how-to-convert-a-splunk-universal-forwarder-in-intermediary...

Best,
Michael

Reply
Get Updates on the Splunk Community!

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...