VM:Operator and SPLUNK

Document ID : KB000073554
Last Modified Date : 15/03/2018
Introduction:
VM:Operator and SPLUNK
 
 
Question:
Can we send the logs from VM:Operator to SPLUNK?

SPLUNK (the product) captures, indexes, and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations.
 

 
Answer:
It’s possible that the VMYSENDR function in VM:Operator could help with this.

If SPLUNK works like other SYSLOGD collectors and we are simply pushing messages off to an IP address, then this should work.
Keep in mind, though, that this is a theory, since we do not know what SPLUNK expects. But again, if its input expectations are similar to those of SYSLOGD collectors, then this VM:Operator function might help you push messages off to SPLUNK as required.
 
 
  
Configuring VM:Operator in OBSERVER Mode as a SYSLOGD Sender is documented in the VM:Operator Administration guide, which you can access at:
   https://docops.ca.com/ca-vm-operator/3-1/en/administrating/configuring-ca-vm-operator-in-observer-mode-as-a-syslogd-sender