Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Printer logs

aleksandarrrc
Explorer
‎10-15-2012 12:25 AM

Hello,
Is there any manual, where i can see how to collect print logs from remote machine?
The printer from which i have to collect event logs is Lexmark X464 de.

Edit:
I configured Lexmark to send audit logs, to ip of the machine where Splunk is installed. I also configured syslog UDP port in SplunkWeb but it still don't collect event logs from printer.
Is there at least any command in cmd to test connections between printer and Splunk.
Thanks in advance.

Last Edit:
Sry for the question, problem solved!

Tags (1)
0 Karma
Reply

tskinnerivsec
Contributor
‎10-16-2012 03:55 AM

I know you solved your issue, but the best way to test your connection between the printer and the splunk instance would be to use tcpdump if it is a linux system (tcpdump -i eth0 (or whatever your interface name is) port 514 (or whatever port you are sending syslog to). If splunk was running on a windows computer, you could use a tool like wireshark to listen for the syslog traffic. If you see the traffic and still didn't see it in your instance, I would check the host based firewall. Anti-virus shouldn't have anything to do with it.

0 Karma
Reply

Drainy
Champion
‎10-16-2012 03:59 AM

In this case the packets were still arriving on the computer but a software firewall was playing up after a botched uninstall and was still blocking them, there was quite a bit of troubleshooting yesterday in the IRC channel 🙂

0 Karma
Reply

aleksandarrrc
Explorer
‎10-16-2012 01:40 AM

The solution was to make sure, that both firewall and Antivirus are turned off.

0 Karma
Reply

aleksandarrrc
Explorer
‎10-16-2012 03:45 AM

That is certainly, more precise answer 🙂

Reply

Drainy
Champion
‎10-16-2012 01:44 AM

Well, I wouldn't neccessarily say turn off the antivirus, just be sure that it isn't interfering with Splunks operation and that any built in firewall has exceptions for your ports. As I understand it you just had a botched install/uninstall which isn't quite the same as needing both off 🙂

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...