I am trying to add PAN traps logs into splunk. It is syslog and traps sends the log on SSL. I got the SSL certs. I need some help is setting up SSL connection from forwarder to traps cloud.
Anyone can help?
The docs recommend to use an intermediary software to receive the snmp traps (with ssl or not), then write them to a file on disk.
The use splunk to monitor the file and index it.
The other input (Tcp with ssl) is for syslog, but I am not sure if this is appropriate for SNMP traps data.
Thanks for your reply. It is not SNMP traps. It is PAN traps log. The second link you mentioned, is not opening.
Sorry. I fixed the link
So you are sending logs over classic syslog channels.
You can use the splunk UDP/TCP inputs described on the link
or you can use a syslog server to write the logs to disk, and have splunk monitor the files.