splunk@home +Syslog +MCAS

Hello all!

I'm a bit stuck, and I want to verify some points. I'm a technical guy who wants to use more professional software at home. I have a pfSense firewall with Snort, and a lot of switches, APs and so on. I want to achieve:

1) Use Splunk as a syslog server, and have all the data from my systems here

I have created the syslog TCP/UDP ports, but do I really need a 3rd-party syslog server on the same server? I was expecting that, with that config, Splunk opens the ports and plays syslog server from now on. Yes, best practice is another server, but I'm a home user. Is it really not possible for Splunk to do the whole job?

2) I want to upload the data to Microsoft Cloud App Security to consume it here.

I have seen that the connector is available, so that should not be the problem.

3) I want to use all these features for free 🙂

I have seen the 500MB limit per day; that's OK. But are connectors like MCAS also included here? Is the approach of downloading the Enterprise version, waiting for it to expire and then switching to Free right? I want to avoid configuring it now and then having to install other software.
