Solved: Re: Barracuda Spam and Virus Firewall

wsothard · ‎05-25-2012

I am having issues pulling data from our Barracuda Spam and Virus firewall.

It is a: Model 600, running older firmware: v3.5.12.025

Any idea on how to get data into the Splunk system?

joshd · ‎05-25-2012

What type of issues are you running into? Depending on your network config, you should be able to enable syslog logging on the barracuda device and point it directly to the Splunk server, and on the Splunk server make sure you've enabled a UDP data input for port 514 (default syslog port).

View solution in original post

wsothard · ‎05-25-2012

That got it... I was setting it up incorrectly. Thank you for the help as I just got Splunk yesterday and have never worked with it before.

joshd · ‎05-25-2012

Glad to hear it's working, if you need any help with field extractions, etc... let me know. I've worked with various Barracuda devices before.

joshd · ‎05-25-2012

What type of issues are you running into? Depending on your network config, you should be able to enable syslog logging on the barracuda device and point it directly to the Splunk server, and on the Splunk server make sure you've enabled a UDP data input for port 514 (default syslog port).

Barracuda Spam and Virus Firewall

Detecting Remote Code Executions With the Splunk Threat Research Team

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

.conf24 | Session Scheduler is Live!!