Polycom Video Infrastructure - Monitoring with Spl...

ashishsinghal · ‎07-09-2019

Any success story for this integration ? Right now i am stuck as i am trying to forward Polycom DMA syslogs to splunk and as Polycom uses UDP 514 & as this is a reserve port Splunk can't accept logs from Polcyom. Please advise, if there are other ways.

I am focusing on Quality Monitoring, end point registration & MCUs utilization.

tiagofbmm · ‎07-09-2019

You can send logs to Splunk and configure any available port to listen to those syslog messages:

[tcp://<remote server>:<port>]
* Configures the input to listen on a specific TCP network port.

[udp://<remote server>:<port>]
* Configures the input to listen on a specific UDP network port.

https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf

Usually sending syslog directly to Splunk is not a best practice but you could instead use an intermediate Syslog-NG or Rsyslog to write it to disk, and have a Splunk UF monitoring those files.

If your Polycom can send HTTP data, you can also enabel HEC on Splunk Indexers and listen to that stream of data directly into Splunk:

https://docs.splunk.com/Documentation/Splunk/7.3.0/Data/UsetheHTTPEventCollector

Polycom Video Infrastructure - Monitoring with Splunk

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

Are you a member of the Splunk Community?

Polycom Video Infrastructure - Monitoring with Splunk

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25