I am new to Splunk and I have it installed on my PC at work. I have Aruba Clear Pass syslog target set to forward to my PC's IP on port 512, UDP.
Search field in Splunk is : source="udp:512" sourcetype="syslog". Not getting any results when I run a search.
I tried port 514, UDP as well and still getting nothing. Wondering if its an IOS version issue as I'm running Windows 7 on my PC?