[Bro] Bro and Splunk forwarder

craig bowser reswob10 at gmail.com
Tue May 1 13:31:36 PDT 2018


We used syslog to send the logs to a Splunk HF.

On Tue, May 1, 2018, 2:50 PM Joseph Ghobrial <jghobrial at rice.edu> wrote:

> We've got a Bro cluster up and running on our SciDMZ. I'm running the
> Splunk forwarder on the head node. We've seen the Splunk forwarder having
> issues after some time sending data. I'm not seeing anything in the system
> logs or Splunk logs showing a reason.
>
> Anyone running this type of configuration and seen contention?
>
> Thanks,
> Joseph
>
> --
> Joseph Ghobrial
> Systems Analyst II
> Office of Information Technology
> Rice University
> jghobrial @ rice.edu
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro