splunk@home +Syslog +MCAS

Interessierter
New Member

Hello all!

I'm a bit stuck, and I want to verify some points. I'm a technical guy who wants to use more professional software at home. I have a pfSense firewall with Snort, and a lot of switches, APs and so on. I want to achieve:

1) Use Splunk as Syslog server, and have all data of my systems here

I have created the syslog TCP/UDP ports, but do I really need a third-party syslog server on the same server? I was expecting that, with that config, Splunk would open the ports and act as the syslog server from then on. Yes, best practice is another server, but I'm a home user. Is it really not possible for Splunk to do the whole job?

2) Want to upload the data to Microsoft Cloud App Security to consume here.

I have seen that the connector is available, so that should not be a problem.

3) Want to use all these features for free 🙂

I have seen the 500MB limit per day; that's OK. But are connectors like MCAS also included here? Is the approach of downloading the Enterprise version, waiting for it to expire and then switching to Free right? I want to avoid configuring everything now and then having to install other software.
