Solved: Re: How to index logs in Splunk 6.4 from a Box fol...

vasanthmss · ‎04-29-2016

Hi Splunker,

Looking forward to onboarding logs from a Box folder. Not the Box access logs, it's a custom log file uploaded in box.

I can think of the below options,

sync the box folder in the heavy forwarder and monitor the files. - Box provides ftp not sftp.
write a script to download the files and add oneshot. - like curl .. this required to provide the password.

FYI : Linux environment with Splunk 6.4

My Questions are,

which of the above options is good? I can see both are not suites security policy.
is there any other better options?

Thanks,
V

V

jtacy · ‎04-29-2016

Not that I'm a big fan of FTP for new projects, but Box supports FTPS and that's probably the way I would go. You can find the connection information here:
https://community.box.com/t5/Managing-Your-Content/Using-Box-with-FTP/ta-p/312

jtacy · ‎04-29-2016

Not that I'm a big fan of FTP for new projects, but Box supports FTPS and that's probably the way I would go. You can find the connection information here:
https://community.box.com/t5/Managing-Your-Content/Using-Box-with-FTP/ta-p/312

How to index logs in Splunk 6.4 from a Box folder?