I don't correctly understand how me accept the syslog.
I already read this:
- https://docs.splunk.com/Documentation/SplunkCloud/6.6.3/Data/Monitornetworkports
- https://docs.splunk.com/Documentation/SplunkCloud/6.6.3/Data/HowSplunkEnterprisehandlessyslogdata
- https://docs.splunk.com/Documentation/Splunk/7.0.0/Admin/Inputsconf
My inputsconf:
[udp://514]
sourcetype = syslog
disabled=false
Also, I'm using:
https://splunkbase.splunk.com/app/3575/
What should I do to get syslog?
↧