Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Getting Data In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Using Splunk Universal Forwarder to collect fr...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
koshyk
Super Champion
11-02-2017
05:30 AM
one of our end-user clients have massive information stored in ELK stack. Our company needs to collect those data into Splunk using Splunk Universal forwarder . They can't send us fluentd due to firewall restrictions.
- How can Splunk UF read from logstash? Does it have to query ELK api to do this?
- Can Splunk UF do polling to get data on a regular basis?
Worse case I'm asking them to write the data into a file , but wanted to see Splunk UF native intergration to ELK if its present
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jayannah
Builder
12-17-2017
02:32 PM
Yes, you can do in multiple ways
- Configure logstash send the data over to Splunk using tcp output plugin and create tcp input on Splunk
- On logstash use http output plugin to send to Splunk
- Config logstash to write the events to log file and have Splunk forwards to read and send to Splunk indexes
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
jayannah
Builder
12-17-2017
02:32 PM
Yes, you can do in multiple ways
- Configure logstash send the data over to Splunk using tcp output plugin and create tcp input on Splunk
- On logstash use http output plugin to send to Splunk
- Config logstash to write the events to log file and have Splunk forwards to read and send to Splunk indexes
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ragmenion
New Member
02-28-2020
06:19 AM
Hello Can you help with option 2. examples are appreciated
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ragmenion
New Member
02-28-2020
06:18 AM
Hi.
Can you help me with option too . i am not able to work that out. examples would help
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ddrillic
Ultra Champion
11-02-2017
07:15 AM
Interesting, a thread about the opposite direction - Can we use a Splunk universal forwarder to forward logs to an ELK server (Kibana)?
Get Updates on the Splunk Community!
More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk
Tuesday, May 14, 2024 | 11AM PT / 2PM ET
Register to Attend
Join us for this Tech Talk and learn how to ...
.conf24 | Personalize your .conf experience with Learning Paths!
Personalize your .conf24 Experience
Learning paths allow you to level up your skill sets and dive deeper ...
Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...
WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...
