Thank's for help. I am not sure did I correct understand how to implement this in my case. On Splunk side a need to configure inputs.conf and server.conf. The outputs.conf is use on client side (sending syslog device/ universal forwarder etc). In my case I don't have option to configure password to sendings log from Synology. I Can only import certificate, if ssl is enabled to sending syslog. I don't really understand why there is password needed. I don't setup any password for ssl. Is it require to set password. ... View more

@tskubisz This will give you a walkthrough on how to generate it all for Splunk https://docs.splunk.com/Documentation/Splunk/8.0.2/Security/Howtoself-signcertificates Yes, the certificate needs to be on the Device sending the syslog, go through this document for a thorough walkthrough https://docs.splunk.com/Documentation/Splunk/8.0.2/Security/ConfigureSplunkforwardingtousesignedcertificates Validation step: https://docs.splunk.com/Documentation/Splunk/8.0.2/Security/Validateyourconfiguration ... View more