Hi there,
I'm using a Splunk UF to monitor a Windows folder and syslog the events to a remote server where they are collected and written to Hadoop.
From reading previous questions here, I understand that the syslog universal forwarder is RFC 3164 compliant. That is, events have a maximum length of 1024 bytes, after which they are truncated. I was wondering if there are plans to change that (perhaps by implementing RFC 5424?). If not, could anyone suggest an alternative?
Thanks in advance.
... View more