Sign up to save your podcasts
Or
Share Take Control of Port 514!: Taming the Syslog Beast [Splunk Enterprise, Splunk Cloud, Splunk Data Fabric Search and Data Stream Processor]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
![Splunk [Foundations/Platform Track] 2019 .conf Videos w/ Slides](https://podcast-api-images.s3.amazonaws.com/corona/show/936624/logo_300x300.png){kind=logo}
Take Control of Port 514!: Taming the Syslog Beast [Splunk Enterprise, Splunk Cloud, Splunk Data Fabric Search and Data Stream Processor]
Are you frustrated with the task of configuring syslog servers yourself to properly ingest data into Splunk? Take control of the syslog beast once and for all and point your "514" traffic to the new Splunk Connect for Syslog! This new Splunk-supported connector makes quick work of past struggles with syslog servers, sourcetyping, data enrichment, and scale. In this session we will dive into the configuration of the Splunk Connect for Syslog to properly filter, sourcetype, and format your data. We will demonstrate several out-of-the-box examples, highlighting new functionality such as HEC and Kafka transport for resiliency and scale, simple extensions for new device types, and data enrichment that extends far beyond simple sourcetyping of the raw message. Lastly, we will look forward to the integration of syslog with Splunk's new Data Stream Processor, and highlight appropriate use cases for each solution. By the time we wrap up, you will know how to tame the syslog beast!
Speaker(s)
Ryan Faircloth, Security Product Manager, Splunk
Mark Bonsack, Staff Sales Engineer, Splunk
Ryan Faircloth, Security Product Manager, Splunk
Mark Bonsack, Staff Sales Engineer, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1651.pdf?podcast=1577146202
Product: Splunk Enterprise, Splunk Cloud, Splunk Data Fabric Search and Data Stream Processor
Track: Foundations/Platform
Level: Good for all skill levels
View all episodes
By SplunkAre you frustrated with the task of configuring syslog servers yourself to properly ingest data into Splunk? Take control of the syslog beast once and for all and point your "514" traffic to the new Splunk Connect for Syslog! This new Splunk-supported connector makes quick work of past struggles with syslog servers, sourcetyping, data enrichment, and scale. In this session we will dive into the configuration of the Splunk Connect for Syslog to properly filter, sourcetype, and format your data. We will demonstrate several out-of-the-box examples, highlighting new functionality such as HEC and Kafka transport for resiliency and scale, simple extensions for new device types, and data enrichment that extends far beyond simple sourcetyping of the raw message. Lastly, we will look forward to the integration of syslog with Splunk's new Data Stream Processor, and highlight appropriate use cases for each solution. By the time we wrap up, you will know how to tame the syslog beast!
Speaker(s)
Ryan Faircloth, Security Product Manager, Splunk
Mark Bonsack, Staff Sales Engineer, Splunk
Ryan Faircloth, Security Product Manager, Splunk
Mark Bonsack, Staff Sales Engineer, Splunk
Slides PDF link - https://conf.splunk.com/files/2019/slides/FN1651.pdf?podcast=1577146202
Product: Splunk Enterprise, Splunk Cloud, Splunk Data Fabric Search and Data Stream Processor
Track: Foundations/Platform
Level: Good for all skill levels