Eric

Results 11 comments of Eric

Thanks @rjha-splunk, I will try it out and give feedback. It will take some time.

@rjha-splunk, I checked the description of #1794; it appears that this requires the data to be sent to a different port, right? For example, I have special product a...

@rjha-splunk, also, as per plugin.py, it has topic=os.getenv(f"SC4S_LISTEN_{ port_id }_TOPIC", "sc4s") to get the topic information. However, this topic is never referred to in plugin.jinja. It will still go to the...

Thanks @rjha-splunk. Then which topic should my custom parser listen on when I use this feature? Actually, can we have a prefilter just like the postfilter so we can filter...

I know the list, but which one can allow me to preprocess the event before it is parsed by the built-in parsers? If that is processed by these parsers, it might...

Can you share the Splunk-side configuration with me? I am not using a mock-up Python script; I am testing in a real Splunk environment. By the way, as I tried...

Thanks, I will do some more testing. I tried using the test script to ingest. It works fine. But when using Splunk to send, there are various issues. Let me...

I performed some tests (using tcpout; did not test UDP syslog out yet). I found Windows events (in traditional mode), _internal log, and _inspection log arrive successfully while I did...

So far as we tested, UDP is limited to 65KB of data, so Windows Perform MultiKV will need to change to singleKV and the nix add-on ps.sh will need to be updated to...

AWS Linux 2. And CentOS 7. No Splunk Enterprise on Windows. Only UF for Windows to collect Event Logs and forward via 9997