Solved: Re: How to configure OSX Syslogd ??

splunkminiuser · ‎12-27-2013

Hi to all,

I've tried to configure my OSX Splunk server so it will accept data from the syslog deamon (see: https://wiki.splunk.com/Community:HowTo_Configure_Mac_OS_X_Syslog_To_Forward_Data).

I've edited the /etc/syslog.conf file and added ". x.x.x.x". (Where x.x.x.x is the IP of my machine where Splunk should be listening).

After that, I stopped and restarted the Syslog Deamon (as explained in the tutorial).

When I log into Splunk, there is no data. Splunk tells me: "waiting for data".
Do I need to configure Splunk to "receive" the data? And how do I do that?

Thanks in advance!

martin_mueller · ‎12-27-2013

To receive syslog events directly you need to tell Splunk to listen to them: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

View solution in original post

martin_mueller · ‎12-27-2013

To receive syslog events directly you need to tell Splunk to listen to them: http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports

How to configure OSX Syslogd ??

Splunk Enterprise Security: Your Command Center for PCI DSS Compliance

Developer Spotlight with Guilhem Marchand

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...

Join the Conversation

How to configure OSX Syslogd ??

Splunk Enterprise Security: Your Command Center for PCI DSS Compliance

Developer Spotlight with Guilhem Marchand

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...