The Morpheus Splunk Integration allows forwarding logs from managed Linux hosts and vm’s to a target Splunk listener by changing the rsyslogd config on linux vm’s to point to Splunk forwarders. The logs will be forwarded from the clients, not from the Morpheus Appliance.
Adding Splunk Integration¶
Add a syslog listener configuration in Splunk.
Administration -> Logs
Expand the Splunk section
Enable the integration
Fill in the following:
Enable the Splunk integration
IP or Hostname of the Splunk server.
Port configured to access the Splunk server.
Once added, syslogs from managed Linux hosts and vm’s will be forwards from the clients to the target Splunk listener.