All Apps and Add-ons

How to configure the Home Monitor app?

rochapablo
Engager

I'm trying to understand how sending logs works.

Today I have a PHP app that receive logs from and send it to Splunk.

But now, I need to change this for something that reads the logs and sends to improve performance. So I have found the Home Monitor . This it's seems very easy, but I'm very noob here.

My doubts are, how to configure this in my localhost to send to a remote Splunk host? And how to do this on my Windows (local) and Linux (staging, qa and prod).

I'm sorry if I'm asking for too much thing, but any tip it will be very helpful.

amiracle
Splunk Employee
Splunk Employee

Here's the concept with your scenario :

To send data from your app, install a Splunk Forwarder on your Windows or Linux machines (http://www.splunk.com/en_us/download/universal-forwarder.html ). Once they have been installed, then simply monitor the log file and have it send into the Home Monitor app on your Splunk enterprise machine.

Since I don't have any concrete sample data or any other settings, I can only speculate that your system will have a log type that the app will recognize by default.

There are other resources that can help with setting up your app, they include the Home Monitor App wiki on git : https://github.com/amiracle/homemonitor/wiki/1---Setup-home-%7C-monitor-app-for-Splunk and my blog posts : http://amiracle19.blogspot.com especially around troubleshooting : http://amiracle19.blogspot.com/2015/09/troubleshooting-home-monitor-app.html .

Thanks,
Kam

0 Karma

cush4x
New Member

Using FIOS Quantum router.....remote administration says port 443/8443. I added these udp ports (via clone) buy still no data input coming into Splunk. Please advise

0 Karma

amiracle
Splunk Employee
Splunk Employee

That port is not related to the Home Monitor App. Those ports are used to log into the router from remote locations. I would strongly advise against opening those ports. The port that the Splunk server should listen in on is UDP 514 (syslog).

0 Karma

cush4x
New Member

It would be helpful if you updated your directions for Quantum router and latest version of your app..... Newbies like me cant get data into Splunk.

0 Karma

amiracle
Splunk Employee
Splunk Employee

I would need to do some research on setting up this router. Let me ask you some questions about the router. Does it have a setting for sending syslog data?

0 Karma

cush4x
New Member

Yes, it has some areas very similar to the router you used in your YouTube video. I can send you some screenshots of my settings if that would be helpful. Send me an email address please or write me at cush4x@gmail.com

0 Karma

amiracle
Splunk Employee
Splunk Employee

Are you still having problems or did you get your app to properly send over the data into the Home Monitor App?

0 Karma

amiracle
Splunk Employee
Splunk Employee

Hey there, I can try and help you out with your questions. First, the home monitor app was designed to take data from home routers and firewalls to show network traffic statistics such as blocked traffic from what IP's etc. What kind of logs are you sending from your PHP app? How are they formatted? Can you supply a sample event? I'll see what I can do to help out, but it should be easy to send you in the right direction.

Thanks,
Kam

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...