Actually, I don't know if this question is actually valid to be asked here or not. So, I'm going to give it a shot here.
I have a requirement to monitor Border Network Gateway (BNG)'s accounting traffic using Splunk. The data input seems to be quite straightforward with the usage of UDP port 1813 to send the traffic. But the problem is, to throw the traffic into Splunk, the BNG has to share a secret key just like when we are trying to throw the traffic to a RADIUS server. Below is the sample command from BNG side:
Hi vincenteous, I believe that you will want to not directly forward the authentication events to Splunk itself, but instead setup a radius server to log the authentication events locally, and then use the splunk forwarder to input those events like any other file monitor input. In this way you don't have to worry about the shared secret key from the splunk perspective.