Getting Data In

what is the best way to forward the syslog

New Member

Hi Folks,

I would like to know the best method and recommended way to forward the syslogs.

        1. syslog-ng -> Indexer
        2. syslogn-ng with UF --> Indexer
        3. syslog-ng with UF ---> HF ---> Indexer
        4. syslog-ng ---> HF ----> Indexer

Thanks,
Sridhar

Tags (1)
0 Karma
1 Solution

SplunkTrust
SplunkTrust

Number 1 is not possible.
Number 2 is best.
Number 3 is discouraged.
Number 4 is good if you need to transform or filter the data before indexing.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

0 Karma

SplunkTrust
SplunkTrust

Number 1 is not possible.
Number 2 is best.
Number 3 is discouraged.
Number 4 is good if you need to transform or filter the data before indexing.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

0 Karma