Splunk

Overview

The Morpheus Splunk Integration allows forwarding logs from managed Linux hosts and vm’s to a target Splunk listener by changing the rsyslogd config on linux vm’s to point to Splunk forwarders. The logs will be forwarded from the clients, not from the Morpheus Appliance.

Adding Splunk Integration

  1. Add a syslog listener configuration in Splunk.

  2. Navigate to Administration -> Logs

  3. Expand the Splunk section

  4. Enable the integration

  5. Fill in the following:

    Enabled

    Enable the Splunk integration

    Host

    IP or Hostname of the Splunk server.

    Port

    Port configured to access the Splunk server.

  6. SAVE

Once added, syslogs from managed Linux hosts and vm’s will be forwards from the clients to the target Splunk listener.