Help

Casper and Splunk?

bjbechd
New Contributor

Posted on ‎02-17-2015 12:41 PM

So Is there any one out there that has been sending their logs to Splunk? By logs I mean the individual computer logs. If so, how did you go about setting that up.

0 Kudos
3 REPLIES 3

adamcodega
Valued Contributor

Posted on ‎02-17-2015 01:39 PM

This discussion may be a good start.

Mike Dodge from Facebook used to use Casper and Splunk but is no longer using Casper.

0 Kudos

davidhiggs
Contributor III

Posted on ‎02-17-2015 07:21 PM

What are you running your JSS on? Splunk has forwarding tools you might want to use:
https://www.splunk.com/en_us/download/universal-forwarder.html

My current implementation reads directly off the database. I'm thinking of a better way to do this but i'm ok with it at the moment. There's no shortage of options to get the information you need.

0 Kudos

james_pearson
New Contributor

Posted on ‎05-18-2015 02:27 AM

Does any one have experience in using the database backend to provide data to Splunk? I saw an old post suggesting it was a viable option. I already have Splunk enterprise so it's just a data feed thats needed. I am using API calls but the post https://jamfnation.jamfsoftware.com/discussion.html?id=7291 looks much better. I had heard that JAMF do not support the direct database access - only through the API. Can anyone confirm?

0 Kudos