Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Syslog forwarding

new2splunk3
New Member
2 weeks ago

I have an appliance that can only forward syslog via UDP. Is there a way for me to forward the udp syslog to a machine that has a Heavy Forwarder, or UF on it and have the forwarder relay the Syslog via TLS to the server running my Splunk Enterprise Instance?

Labels (2)
Labels
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
a week ago

Two things.

1. A Heavy Forwarder is a Splunk Enterprise instance. It's just doing forwarding.

2. If you can receive your UDP traffic at the forwarder why send it to another Splunk instance with syslog instead of native Splunk protocol?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
a week ago

Perhaps this answer will help: https://community.splunk.com/t5/Splunk-Enterprise/Having-Syslog-logs-into-SPLUNK/m-p/693546/highligh...

---
If this reply helps you, Karma would be appreciated.
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...