Jump to content


Photo

Splunk Integration

syslog splunk logging

4 replies to this topic

#1 Kevin Vogt

Kevin Vogt
  • Members
  • 1 posts

Posted 29 May 2015 - 03:06 AM

I am using the Barracuda Splunk app for centralized log management and visualization.

For single box level logging the app works very fine.

 

In case of a HA pair deployment it would be useful to gather logs on a virtual server level.

At the moment the app is not able to handle these kind of syslog messages. (search queries finish with errors)

I had to build my own search queries, dashboards and graphs for HA pairs, but it would be nice to have all Barracuda logs in one place. 



#2 Markus Lang

Markus Lang
  • Moderators
  • 387 posts

Posted 02 June 2015 - 09:31 AM

Thanks for your suggestion for improvement. We will inlcude the possibility to stream virtual server logs to the splunk app in one of our next releases.


Director, Product Management


#3 Paul Sutton

Paul Sutton
  • Members
  • 4 posts

Posted 01 July 2015 - 07:14 PM

Can we please have Splunk integration with Netflow - IpFix.

 

I would like to see the traffic that is consuming my bandwith, both in real time and also forensically. My firewalls are the common point of manangement for all my sites and to have in one place would be excellent. Your assistance in this regard would be fantastic.

 

Thanks

 

Paul



#4 Marco Miska

Marco Miska
  • Barracuda Team Members
  • 61 posts
  • LocationInnsbruck

Posted 21 July 2015 - 06:23 AM

Hello Mr. Sutton,

please take a look at the following article:

https://splunkbase.splunk.com/app/2634/

 

We already support Splunk with Syslog-Traffic. Is there a specific reason for you to use Netflow/IPFix?

 

Thanks in advance

Best regards
Marco 



#5 Paul Sutton

Paul Sutton
  • Members
  • 4 posts

Posted 11 August 2015 - 09:42 PM

What I would like to know is where the traffic is going, and how much traffic is it using for how long. What also is not implimented is referer headers, and user identification. Also including this would be excellent please.

 

Thanks,

 

Paul





Reply to this topic