Hi, can anyone please help me with the approach and challenges to get the
forwarded logs from Splunk to RSA Netwitness? Let's assume log sources
are Checkpoint, Windows Server, DHCP server, Switches and Routers,
Database, IPS/IDS.
Thanks for your valuable inputs Dave. But still it's not working. Getting
the below message in the Splunk GUI: Tcpout Processor: The TCP output processor
has paused the data flow. Forwarding to output group rsa_syslog has been
blocked for 10 seconds. This wil...
Thanks Eric for the document, however I already have it. Have gone
through the document and have a set of queries. We are planning to
forward the desired events preserving raw log from Splunk through Syslog
UDP-514. Didn't understand the exact limit...