I have setup a UDP syslog on port 514 on the splunk server and it is receiving data on that port from one device.
the second device is on the same subnet and it is still not showing up
the 3rd device is on the other side of a vpn and all ports and traffic UDP and TCP are allowed. all of my other services on all other devices and servers do not have any issues connecting over this link
firewall on the splunk server is off and there are also rules allowing all connections to udp port 514
... View more