i want to take various server logs and send it to the splunk server. is that possible?
i assume it has to do something with the rysyslog.conf ... but I have no idea of how to do it?
Asked
Active
Viewed 141 times
0
-
Yes its possible. I assume these logs are syslog form, then you directly inject into index. – user2486495 Oct 31 '14 at 07:58
-
This should be on ServerFault, as it's a question about system administration tools rather than about programming. – Charles Duffy Nov 14 '14 at 22:47
1 Answers
0
Of course you can do that, this is what splunk is all about. Install the universal forwarder and configure the inputs.conf file to gather the data from your files.
http://docs.splunk.com/Documentation/Splunk/6.2.0/Forwarding/Deploymentoverview
Tom Kregenbild
- 1,568
- 1
- 10
- 11