The dojo of Splunk. Learn, share, teach, mentor.
Videos
Latest Activity
Michael Wilde replied to Nikita's discussion Count failures and success via transaction"How are these transactions linked together... by a field called "ID"? If so.. just build them with the field ID, and then use one of the MV commands to extract a field with success or failure in it. Paste some samples and…"
Splunk for Blue Coat Proxy SG - Setup help!
Recently, I've seen a number of folks who have been trying to use the Splunk for Blue Coat Proxy SG app and the proxy together so the logs come in to Splunk and they are displayed properly in Splunk.
Check out this guide, I hope it helps!
Big props go out to SplunkNinja community member and Blue Coat Pre-Sales ninja Ty Morton
Check out this guide, I hope it helps!
Big props go out to SplunkNinja community member and Blue Coat Pre-Sales ninja Ty Morton
-
Comment by Bob Munson on April 29, 2010 at 9:44am -
Two questions.
1 As it is this just seems to be setting up syslog on a new port. What do we gain over using 514?
2 Would it be easy to secure this with SSL?
-
Comment by Michael Wilde on April 29, 2010 at 6:29pm -
Bob. This is actually not syslog. While it is TCP, it's a push in to Splunk. My friend at BlueCoat helped we set up this method as he said BC isn't that great at syslogging. If you know otherwise let me know and we'll update the guide.
-
Comment by Bob Munson on May 1, 2010 at 9:33am
-
Thanks for the info. My customer wants to setup an SSL connection so when I get it working, I send an update.
Comment
© 2012 Created by Michael Wilde.
You need to be a member of splunkninja to add comments!
Join splunkninja