While this is a quick-and-dirty answer, it did not answer his need, nor would it answer mine.
Here is my situation:
I have a client who already has logstash everywhere on their system. Every box has a logstash forwarder, and they all point to the single logstash server. I want to provide a serious and real-time "proof" that Splunk can do the job better. I don't have the luxury of installing Splunk universal forwarder on every single production system in order to do this, and while a subset of them might show a bit of the power, getting everything will come much closer to being a slam dunk for the deal.
I cannot imagine that I am the first person who would like to siphon off the logstash forwarder data for use in Splunk, at least temporarily. So I'm thinking that SOMEONE "out there" has figured out how to pull it off. I'm not asking for a permanent solution, just a way to pull it off for a quick demo.
Once everyone is on-board, then the systematic replacement of the logstash forwarders will commence.
Thanks muchly,
DL