I am trying to get a forwarder using the outputs.conf file on an ossec server to forward the logs to a splunk server.
I can not find anything at all on the proper setup to this and have all of the same items place on the old splunk server V5 and the new splunk server V6. They are able to communicate because I am able to get the agent status information off of the servers.
IS there anything that I should be checking or placing?
Ive gone through countless websites and searches through /answers/ but I can not find anything at all to help me.
... View more