Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Printer logs

aleksandarrrc
Explorer
‎10-15-2012 12:25 AM

Hello,
Is there any manual, where i can see how to collect print logs from remote machine?
The printer from which i have to collect event logs is Lexmark X464 de.

Edit:
I configured Lexmark to send audit logs, to ip of the machine where Splunk is installed. I also configured syslog UDP port in SplunkWeb but it still don't collect event logs from printer.
Is there at least any command in cmd to test connections between printer and Splunk.
Thanks in advance.

Last Edit:
Sry for the question, problem solved!

Tags (1)
0 Karma
Reply

tskinnerivsec
Contributor
‎10-16-2012 03:55 AM

I know you solved your issue, but the best way to test your connection between the printer and the splunk instance would be to use tcpdump if it is a linux system (tcpdump -i eth0 (or whatever your interface name is) port 514 (or whatever port you are sending syslog to). If splunk was running on a windows computer, you could use a tool like wireshark to listen for the syslog traffic. If you see the traffic and still didn't see it in your instance, I would check the host based firewall. Anti-virus shouldn't have anything to do with it.

0 Karma
Reply

Drainy
Champion
‎10-16-2012 03:59 AM

In this case the packets were still arriving on the computer but a software firewall was playing up after a botched uninstall and was still blocking them, there was quite a bit of troubleshooting yesterday in the IRC channel 🙂

0 Karma
Reply

aleksandarrrc
Explorer
‎10-16-2012 01:40 AM

The solution was to make sure, that both firewall and Antivirus are turned off.

0 Karma
Reply

aleksandarrrc
Explorer
‎10-16-2012 03:45 AM

That is certainly, more precise answer 🙂

Reply

Drainy
Champion
‎10-16-2012 01:44 AM

Well, I wouldn't neccessarily say turn off the antivirus, just be sure that it isn't interfering with Splunks operation and that any built in firewall has exceptions for your ports. As I understand it you just had a botched install/uninstall which isn't quite the same as needing both off 🙂

Reply
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...