About tladd1212

tladd1212 · ‎07-28-2015

You're not the only one is confused, but that does clarify it for me - thanks.

tladd1212 · ‎07-28-2015

Thanks for your reply. I look into setting that up on the Kiwi Syslog side. Yes, I am testing with the free version of Splunk ES, and agree that there is plenty of complexity to get my arms around. One step at a time ... thanks again. Tom

tladd1212 · ‎07-27-2015

I am new to Splunk. I have installed Splunk ES 6.2.3 as an Indexer on a Windows 2008 R2 server. As an initial test, I installed the application and Forwarder App on another Windows 2008 server (which happens to be a Domain Controller). This seems to work fine as I am able to run searches and reports on the events from the remote server. So far so good ... We have previously deployed Kiwi Syslog Server ver. 9.4.2. This is already collecting events and alerts from all of our network devices and servers. Ideally, I would like to send the data from Kiwi Syslog into Splunk (rather than have every single device forward log information to the Splunk Indexer directly). Now, I installed the Splunk ES on the same Windows 2008 server that is running Kiwi Syslog. Now, if Kiwi Syslog had been on a different server, I guess I would simply set up a Forwarder there. But how do I get the syslog information into Splunk if it resides on the same server? This may seem like a strange question, but remember I'm a newbie 🙂 Any advice or suggestions would be appreciated. Thanks, Tom

Posts	3
Solutions	0
Karma Given	0
Karma Received	0
Member Since	‎07-27-2015

Online Status	Offline
Date Last Visited	‎06-05-2020 02:04 AM

How do I send data from Kiwi syslog to a Splunk in...

Re: How do I send data from Kiwi syslog to a Splun...

Re: How do I send data from Kiwi syslog to a Splun...

How do I send data from Kiwi syslog to a Splunk in...