Critical Syslog Server Tricks

aydinmo
Explorer

Hi all,

I have a large environment in which to deploy Splunk Cloud, and I am trying to leverage the syslog server (Rsyslog) in front of a load balancer, with UF on top.

As per my research, I have found a wonderful document which automates the inputs.conf and props.conf creation based on an Excel sheet, relying on separation based on device hostnames.

The link for documentation is here: https://conf.splunk.com/files/2017/slides/the-critical-syslog-tricks-that-no-one-seems-to-know-about...

I'm wondering if anyone has used the provided scripts for this automation? I couldn't find any explanation of how the Python scripts work.

Link to GitLab: https://gitlab.com/rationalcyber/splunk_syslog_inputs

Link to script: https://gitlab.com/rationalcyber/splunk_syslog_inputs/-/tree/master/src

Thanks in advance!
