Splunk Connect for Syslog This is Splunk’s preferred method of ingesting high volumes of data. Details can be located here → https://splunk-connect-for-syslog.readthedocs.io/en/latest/ TCP Data Input Navigate to Settings -> Data Inputs -> TCP (Add new) This brings you to following screen. In this step, we will configure Splunk to listen on TCP using port 514. NSS only supports TCP, but the destination port is configurable. Most administrators use port “514” as it is the default port for UDP based syslog. After configuring SIEM port, click next We're following the above step but not able to find TCP / UDP configure the port to synced with Zscaler NSS. I'm logging in Splunk Cloud portal as trial member. Could it be restriction/privilege to my trail account ? Please advice Thanks Asif
... View more