Polycom Video Infrastructure - Monitoring with Spl...

ashishsinghal · ‎07-09-2019

Any success story for this integration ? Right now i am stuck as i am trying to forward Polycom DMA syslogs to splunk and as Polycom uses UDP 514 & as this is a reserve port Splunk can't accept logs from Polcyom. Please advise, if there are other ways.

I am focusing on Quality Monitoring, end point registration & MCUs utilization.

tiagofbmm · ‎07-09-2019

You can send logs to Splunk and configure any available port to listen to those syslog messages:

[tcp://<remote server>:<port>]
* Configures the input to listen on a specific TCP network port.

[udp://<remote server>:<port>]
* Configures the input to listen on a specific UDP network port.

https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf

Usually sending syslog directly to Splunk is not a best practice but you could instead use an intermediate Syslog-NG or Rsyslog to write it to disk, and have a Splunk UF monitoring those files.

If your Polycom can send HTTP data, you can also enabel HEC on Splunk Indexers and listen to that stream of data directly into Splunk:

https://docs.splunk.com/Documentation/Splunk/7.3.0/Data/UsetheHTTPEventCollector

Polycom Video Infrastructure - Monitoring with Splunk

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Join the Conversation