...14".
I made sure to enable ports with these lines in default-mode.conf:
[pipeline:udp]
disabled=false
But I am not getting anything coming in to Splunk.
I have cygwin installed and w...
Hi all,
I have a cluster with 2 indexers. I want to collect the UDP logs from Fortinet Firewall. I have set up the syslog forwarding from our FW to 1 indexer, but we haven't received any log data....
The configuration for tcpport is below but need to do the same for udpport
Transforms:
[bigmoney]
REGEX = event
DEST_KEY=_TCP_ROUTING
FORMAT=bigmoneyreader
Props:
[host::machine n...
...n the search app, I do not see events from syslog or RT-N66U or asus.
I tried running netstat -p UDP, that returns nothing. netstat -p TCP does return a lot of high ports and 8000, 8191 (I think t...
...ere running and did a netstat to make sure the ports were getting through. All good.
My problem is that I've tried setting up some data inputs, but I'm not sure I did it correctly because I'm get...
...eavy forwarders which receives syslogs from network appliances and then HF sends that data to indexers. On HFs, we have redirected data coming on UDP 514 port to 1514 using iptables. Also, I have c...
...istener
$InputUDPServerBindRuleset mcafee
## and activate it:
$UDPServerRun 514
I have added the above patch of code to the rsyslog.conf file to get the data coming via port 514 but even then I am not s...
...nformation on how to configure a Splunk forwarder or single-instance to receive a syslog input, see "GetdatafromTCPandUDPports" in the Getting Data In manual.
Which I find incredibly limited and n...
...s words are not included.
Actual Requirement:
Instead of the word of the service, just put the value of the port number in the logs.
Sample data:
Event Details: 1
time=1522839628|loc=1...