Hello
I have a request to have a SYSLOG server and a SPLUNK server. The request is to have the logs from external sources written to the SYSLOG server then forwarded and read by the SPLUNK server.
I searched and read an old post
https://answers.splunk.com/answers/28680/universal-forwarder-vs-dedicated-rsyslog-syslog-ng-servers-to-forward-syslog-to-splunk-indexer.html
I am using MS Server 2012 R2 for both, SPLUNK Enterprise 7
How would I:
Have logs from different sources (Cisco, Microsoft, Linux) written to a SYSLOG Server.
Forward the log to a SPLUNK server
Thanks
... View more