splunk@home +Syslog +MCAS

Hello all!

I'm a bit stuck, and I want to verify some points. I'm a technical guy who wants to use more professional software at home. I have a pfSense firewall with Snort, and a lot of switches, APs and so on. I want to achieve:

1) Use Splunk as a syslog server, and have all the data from my systems here

I have created the syslog TCP/UDP ports, but do I really need a third-party syslog server on the same server? I was expecting that, with that config, Splunk would open the ports and act as the syslog server from then on. Yes, best practice is another server, but I'm a home user. Is it really not possible for Splunk to do the whole job?

2) Want to upload the data to Microsoft Cloud App Security to consume it there.

I have seen that the connector is available, so that should not be the problem.

3) Want to use all these features for free 🙂

I have seen the 500MB limit per day; that's OK. But are connectors like MCAS also included here? Is the approach of downloading the Enterprise version, waiting for it to expire and then switching to Free the right one? I want to avoid configuring everything now and then having to install other software.
