Search

woodcock · ‎12-03-2012

...14". I made sure to enable ports with these lines in default-mode.conf: [pipeline:udp] disabled=false But I am not getting anything coming in to Splunk. I have cygwin installed and w...

louismai · ‎11-01-2019

Hi all, I have a cluster with 2 indexers. I want to collect the UDP logs from Fortinet Firewall. I have setup the syslog forwarding from our FW to 1 indexer, but we haven't received any log data....

akd9 · ‎09-05-2017

the configuration for tcp port is below but need to the same for udp port Transforms: [bigmoney] REGEX = event DEST_KEY=_TCP_ROUTING FORMAT=bigmoneyreader Props: [host::machine n...

lakromani · ‎09-25-2017

....10.128 to-ports=43905 protocol=udp dst-address=110.12.197.134 in-interface=ether1 dst-port=43905 4 D ;;; upnp 10.10.10.128: Skype TCP at 10.10.10.128:43905 (3909) chain=dstnat a...

MonkeyK · ‎02-05-2017

...n the search app, I do not see events from syslog or RT-N66U or asus. I tried running netstat -p UDP, that returns nothing. netstat -p TCP does return a lot of high ports and 8000, 8191 (I think t...

gfaggiano · ‎02-26-2015

...ere running and did a netstat to make sure the ports were getting through. all good. My problem is that I've tried setting up some data inputs, but i'm not sure I did it correctly because i'm get...

vikasverma1985 · ‎08-08-2018

...eavy forwarders which receives syslogs from network appliances and then HF sends that data to indexers. On HFs, we have redirected data coming on UDP 514 port to 1514 using iptables. Also, I have c...

surekhasplunk · ‎05-12-2019

...istener $InputUDPServerBindRuleset mcafee ## and activate it: $UDPServerRun 514 I have added above patch of code to rsyslog.conf file to get the data coming via port 514 but even then i am not s...

javiergn · ‎04-29-2016

...nformation on how to configure a Splunk forwarder or single-instance to receive a syslog input, see "Get data from TCP and UDP ports" in the Getting Data In manual. Which I find incredibly limited and n...

Hemnaath · ‎05-15-2018

...s words are not included. Actual Requirement: Instead of the word of the service, just put the value of the port number in the logs. Sample data: Event Details: 1 time=1522839628|loc=1...

Search

Search the Community

SonicWall Viewpoint 6.0: export logs to Splunk via...

Splunk cluster collecting UDP log receiving port

I need to transfer the data from Splunk to a third...

Problem splitting data, lines are lost from script...

Home Monitor: How to configure the app to get sysl...

How to troubleshoot why I am receiving no data fro...

syslog data on udp port is showing as zero bytes i...

syslog server ip to monitor access.log via 514 por...

Splunk Add-on for McAfee: How to collect McAfee In...

How to add the destination port value for a firewa...