Is it possible to have splunk forward data to another 3rd party system that is expecting syslog?
Yes,
Splunk can forward any RFC 3164 compliant events from any platform to a TCP/UDP based server and port, making the payload of any non-compliant data RFC 3164 compliant. You can specify any of the following:
For more info, see: http://docs.splunk.com/Documentation/Splunk/5.0/Deploy/Forwarddatatothird-partysystemsd
Yes,
Splunk can forward any RFC 3164 compliant events from any platform to a TCP/UDP based server and port, making the payload of any non-compliant data RFC 3164 compliant. You can specify any of the following:
For more info, see: http://docs.splunk.com/Documentation/Splunk/5.0/Deploy/Forwarddatatothird-partysystemsd
Hi,
If I forward the syslog to 3rd party system will I be able to keep the same info in my internal instance of Splunk as well?
Thanks,