Hi,
I'm trying to push logs in splunk via TCP Syslog.The flow is Apigee > NGINX > Splunk. Here's the policy configuration:
Here's the configuration in nginx:
The logs still doesn't appear in Splunk. Any ideas on why it doesn't appear on Splunk?
Regards,
Ryan
Solved! Go to Solution.
I don't have a good idea.
To diagnose, I would check these things
I don't have a good idea.
To diagnose, I would check these things
Hi. Thanks for your time. Logs is actually enabled in nginx. If there are logs being sent from Apigee to NGINX, will it appear in the logs?
I am no nginx expert, but as far as I know, if you have stream logging enabled in nginx, then yes, you should see log entries in the nginx logs, resulting from the TCP syslog messages that Apigee sends to the nginx-managed port.
nginx logs will be available in the routers log directory. You can install the Splunk universal forwarder on the router and send the logs to splunk application.
User | Count |
---|---|
2 | |
1 | |
1 | |
1 | |
1 |