I want to forward a flat file to a third party sys...

pbowen1964 · ‎10-13-2013

I have several home grown applications that generate flat files.
I can install the splunk forwarder on the server but need it to forward as syslog line by line
like a typical syslog forwarder to splunk and a third party solution

Lucas_K · ‎10-13-2013

You can do something slightly different and send it direct with a uf to splunk and then use Splunk Realtime output to send it on to the 3rd party syslog device/party. By using the output you can filter when you send to that 3rd party also.

The Splunk Realtime output app is here -> http://apps.splunk.com/app/1009/

Lucas_K · ‎10-14-2013

'Will this realtime app read the whole flat file and send it line by line to my syslog destination?' No, it forwards events already contained with in a splunk index, in realtime, to a syslog destination.

You can also do it this way also : http://docs.splunk.com/Documentation/Splunk/6.0/Forwarding/Forwarddatatothird-partysystemsd

pbowen1964 · ‎10-14-2013

Not sure I am following as I am very new to splunk
Will this realtime app read the whole flat file and send it line by line to my syslog destination?
I will have thousands of flat files daily and need to send them line by line to the third party as well as to splunk.

I want to forward a flat file to a third party syslog destination using splunk

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!