Skip to content

Instantly share code, notes, and snippets.

@yorokobi

yorokobi/gist:04a3f503ca15bf6a5768

Last active March 21, 2016 14:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yorokobi/04a3f503ca15bf6a5768 to your computer and use it in GitHub Desktop.
Save yorokobi/04a3f503ca15bf6a5768 to your computer and use it in GitHub Desktop.
Download ZIP
Send data from Splunk to Syslog
Raw
gistfile1.txt
_____________________
PROPS.CONF
_____________________
[iis]
TRANSFORMS-syslog = send_to_syslog
[WinEventLog:Security]
TRANSFORMS-syslog = send_to_syslog
_____________________
TRANSFORMS.CONF
_____________________
[send_to_syslog]
REGEX = .
DEST_KEY = _SYSLOG_ROUTING
FORMAT = syslog_vip
_____________________
OUTPUTS.CONF
_____________________
[syslog]
[syslog:syslog_vip]
server = syslog-vip.domain.tld:514
type = udp
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment