Hi all,
Currently we're doing testing to send logs from Splunk Universal Forwarder to Nagios Log Server. We've installed Splunk UF in a window machine so that event from windows be sent to Splunk UF and then afterwards sent to Nagios Log Server. Received the connection in Nagios Log Server but the log itself is not readable. Received the log like below
"\u0016\u0003\u0001\u0000\x8C\u0001\u0000\u0000\x88\u0003\u0003\x92>\x...."
Anyone ever tried this setup and able to received readble log ?
Your kind feedback is very much appreciated.
send log from Splunk Universal Forwarder to Nagios Log server
Re: send log from Splunk Universal Forwarder to Nagios Log server
Hi @halimm,
A bunch of the individual unicode values in that string do not translate to human readable characters, it looks like a bunch of header characters. I believe you'll need to configure Splunk or add some sort of filter to preprocess the output before it gets into Logstash to remove this sort of value.
A bunch of the individual unicode values in that string do not translate to human readable characters, it looks like a bunch of header characters. I believe you'll need to configure Splunk or add some sort of filter to preprocess the output before it gets into Logstash to remove this sort of value.
-
jmichaelson
- Posts: 118
- Joined: Wed Aug 23, 2023 1:02 pm
Re: send log from Splunk Universal Forwarder to Nagios Log server
This post may be helpful:
https://discuss.elastic.co/t/splunk-dat ... b/267654/3
In particular this link within it:
https://www.elastic.co/blog/migrating-f ... -migration
https://discuss.elastic.co/t/splunk-dat ... b/267654/3
In particular this link within it:
https://www.elastic.co/blog/migrating-f ... -migration
Please let us know if you have any other questions or concerns.
-Jason
-Jason