http://www.splunk.com/support/forum:SplunkAdministration/3422 Mon, 13 Feb 2012 18:46:45 PST Mon, 13 Feb 2012 18:46:45 PST en-us http://creativecommons.org/licenses/by-nc-nd/2.5/ http://www.splunk.com/support/forum:SplunkAdministration/3422/11149 <p>I am running Splunk 4.0 on Windows server 2008, and there is no firewalls implemented in between. And I am using the default Admin user.</p> <p>What configuration is needed to make this app retrieve syslog msg ?</p> Sun, 18 Oct 2009 00:22:18 PDT Halah http://www.splunk.com/support/forum:SplunkAdministration/3422/11149 http://www.splunk.com/support/forum:SplunkAdministration/3422/11113 <p>What version of Splunk? What operating system? Is there a firewall such as iptables that is blocking traffic to port 514? What user is Splunk running as?</p> Thu, 15 Oct 2009 07:49:45 PDT araitz http://www.splunk.com/support/forum:SplunkAdministration/3422/11113 http://www.splunk.com/support/forum:SplunkAdministration/3422/11106 <p>I am trying to configure Splunk as a syslog server, I created a syslog app and I tried configure it to capture packets on UDP port 514 using the input.conf file, but it didnt work. <br /> I read about a way to make Kiwi syslog capture the syslog msgs and make Splunk monitor the log file. I tried it but still.</p> <p>I doubt that the app is missconfigured coz it does not retrieve any input from the file. I think whats missing is to instruct the syslog app to graph and analyze the inputs, but how can that be done?</p> <p>your help is greatly appreciated,</p> Wed, 14 Oct 2009 21:04:09 PDT Halah http://www.splunk.com/support/forum:SplunkAdministration/3422/11106