About hojinpk

hojinpk · ‎10-09-2015

First of all thank you for your reply. -. I configured it on /opt/splunk/etc/system/local/inputs.conf -. And then I restarted Splunk. /opt/splunk/bin/splunk restart However, I didn't enable the forwarding app. I just set to Forwarder license group and I configured inputs.conf, props.conf, transforms.conf and outputs.conf to forward received data to the others. Could you let me know how can I enable the forwarding app?

hojinpk · ‎10-08-2015

Hello, I'd like to send syslog data to other syslog server via SplunkForwarder. So I configured in outputs.conf of the SplunkForwarder as below. However the packets are sending to 10.10.10.1 only. With this configuration, 10.10.10.2 server is not received syslog when syslog is sending to 10.10.10.1 server of course. But I can't see any incoming syslog on 10.10.10.2 even if I wait for a long time, about 1~2 hours. [syslog:our_syslog] disabled = false autoLB = true autoLBFrequency = 40 server = 10.10.10.1:514, 10.10.10.2:514 type = udp P.S.) I confirmed that the UDP packet can be sent from SplunkForwarder server to 10.10.10.2 with Linux command: $ echo –n “hello” >/dev/udp/10.10.10.2/514 Could you give me any clue for resolve the issue? Thank you in advance.

hojinpk · ‎02-06-2014

Hi Maik, Did you solve the problem? I am suffering the same problem. help me, don't let me leave alone. Thank you in advance.

Posts	3
Solutions	0
Karma Given	0
Karma Received	0
Member Since	‎01-26-2012

Online Status	Offline
Date Last Visited	‎06-05-2020 02:03 AM

SplunkForwarder Loadbalancing

Re: SplunkForwarder Loadbalancing

SplunkForwarder Loadbalancing

Re: Trouble getting data into Fortigate app