Sending logs from syslog-ng store box to Splunk

One of the most popular applications to feed Splunk with syslog messages is syslog-ng. However not everyone is happy to work on the command line anymore. This is where syslog-ng store box (SSB), an appliance built around syslog-ng, can help. The SSB GUI provides you not only with an easyto-use interface to configure most syslog-ng features, but also a search interface and complete log life cycle management. It can forward log messages to several destinations, recently also to Splunk’s HTTP Event Collector (HEC).

From this blog you can learn about how SSB fits into your logging infrastructure and how to configure SSB for Splunk: https://www.syslog-ng.com/community/b/blog/posts/sending-logs-from-syslog-ng-store-box-to-splunk

• syslog-ng
• SSB
• Splunk
• planets