Solved: How to configure OSX Syslogd ??

splunkminiuser · ‎12-27-2013

Hi to all,

I've tried to configure my OSX Splunk server so it will accept data from the syslog deamon (see: https://wiki.splunk.com/Community:HowTo_Configure_Mac_OS_X_Syslog_To_Forward_Data).

I've edited the /etc/syslog.conf file and added ". x.x.x.x". (Where x.x.x.x is the IP of my machine where Splunk should be listening).

After that, I stopped and restarted the Syslog Deamon (as explained in the tutorial).

When I log into Splunk, there is no data. Splunk tells me: "waiting for data".
Do I need to configure Splunk to "receive" the data? And how do I do that?

Thanks in advance!

martin_mueller · ‎12-27-2013

To receive syslog events directly you need to tell Splunk to listen to them: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

View solution in original post

martin_mueller · ‎12-27-2013

To receive syslog events directly you need to tell Splunk to listen to them: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

How to configure OSX Syslogd ??

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

Elevate Your Organization with Splunk’s Next Platform Evolution

Splunk Answers Content Calendar, June Edition

Are you a member of the Splunk Community?

How to configure OSX Syslogd ??

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

Elevate Your Organization with Splunk’s Next Platform Evolution

Splunk Answers Content Calendar, June Edition