Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Login to resource from Universal Forwarder?

lbogle
Contributor
‎05-22-2014 06:57 AM

Hello,
I am trying to get logs sent from a firewall to a Universal Forwarder. To get logs from the Firewall, I need to configure the Universal Forwarder to provide the firewall with login credentials. Can I do this with a Universal Forwarder or do I need to use a heavy forwarder?
Thanks.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎05-22-2014 12:02 PM

Hi lbogle,

reading your question, first thing that came up was why not use a scripted input to get these logs?
So did you check out the docs about scripted inputs?

Basically you create a script to get the logs and run this script cron like from the universal forwarder.

hope this helps ...

cheers, MuS

View solution in original post

Reply
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎05-22-2014 12:02 PM

Hi lbogle,

reading your question, first thing that came up was why not use a scripted input to get these logs?
So did you check out the docs about scripted inputs?

Basically you create a script to get the logs and run this script cron like from the universal forwarder.

hope this helps ...

cheers, MuS

Reply
Solved! Jump to solution

martin_mueller
SplunkTrust
SplunkTrust
‎05-22-2014 08:51 AM

Well, without any more info I don't know what to say.

0 Karma
Reply
Solved! Jump to solution

lbogle
Contributor
‎05-22-2014 08:50 AM

Ha! I guess thats the question. The firewall need authentication credentials before it will allow the logs to leave so I'm not sure honestly...
Is there a spot in the universal forwarder to supply this information?
It may be too complex a request for the universal forwarder to do.
Thanks Martin.

0 Karma
Reply
Solved! Jump to solution

martin_mueller
SplunkTrust
SplunkTrust
‎05-22-2014 08:15 AM

How does this kind of input work?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...