I have a large environment to deploy Splunk cloud and trying to leverage the syslog server (Rsyslog) in front of a load balancer, with UF on top.
As per my research, I have found a wonderful document which automates the inputs.conf and props.conf creation based on an excel sheet, relying on separation based on devices hostnames.
The link for documentation is here: https://conf.splunk.com/files/2017/slides/the-critical-syslog-tricks-that-no-one-seems-to-know-about...
I'm wondering if anyone has used the provided scripts for this automation? I couldn't find any explanation on how the python scripts work?link to gitlab: https://gitlab.com/rationalcyber/splunk_syslog_inputs
link to script: https://gitlab.com/rationalcyber/splunk_syslog_inputs/-/tree/master/src
Thanks in advance!