Hey guys, so I'm new to Splunk and set up Splunk Enterprise on AWS to monitor my AWS environment.
I would like to leverage Splunk to monitor my homelab as well and would like to start with my Sophos UTM 9 firewall and FreeNAS server. I set up a syslog-ng server and successfully have Sophos logging to it.
Using the CLI I got the forwarder to connect to the receiver (AWS), but now I'm a bit lost. Now I think I have to get the Splunk forwarder to pick up the syslog-ng logs, and I need to do this using inputs.conf?
I also found this FreeNAS app for Splunk. Where does this get installed? On the forwarder or the receiver?
Thanks for the help. I'm having a hard time wrapping my head around all of this.