Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Splunk 7.x Quick Start Guide Gain business data insights from operational intelligence

Product type Paperback

Published in Nov 2018

Publisher Packt

ISBN-13 9781789531091

Length 298 pages

Edition 1st Edition

Tools

Splunk

Concepts

Operational Intelligence

Author (1):

James H. Baxter

View More author details

Table of Contents (12) Chapters

Preface

1. Introduction to Splunk FREE CHAPTER

2. Architecting Splunk

3. Installing and Configuring Splunk

4. Getting Data into Splunk

5. Administering Splunk Apps and Users

6. Searching with Splunk

7. Splunk Knowledge Objects

8. Splunk Reports, Dashboards, and Alerts

9. Splunk Applications

10. Advanced Splunk

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Configuring other data source inputs

Some devices such as firewalls, routers, and switches do not generate logs directly; instead, they send their log and event data over network ports to, typically, a syslog server that stores the data in log files in some directory. The best practice for handling this scenario is to install a universal forwarder on the syslog server so that you can configure multiple inputs (one for each type of data) in inputs.conf to assign the appropriate index and sourcetype for each data source type. You will also need to assign a host in the inputs.conf file for each input, or do some research on how to leverage DNS to identify the proper hostname for each data source (which is outside the scope of this book). However, if you simply must stream this data from the devices directly to Splunk, there are two approaches that will work.

One approach is to send...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

James H. Baxter

James H Baxter is the owner/CEO of Machine Data Insights, Inc., a certified Splunk architect, and a developer and machine learning practitioner with over 35 years of experience in various engineering and analysis disciplines, including radio/satellite; networks; capacity and performance modelling; speech technology; packet-level analysis; programming; and Splunk architecture, administration, and machine learning solutions for companies including MCI, IBM, BP, Disney, and AMEX. James is also a private pilot and holds an Extra class amateur radio and FCC Radiotelephone license. You can reach him at LinkedIn at James H. Baxter.

See other products by James H. Baxter