Configuring Fluent-Bit to Support Splunk
You can configure Fluent-Bit to send logs to Splunk. This configuration is applicable only when you configure the local cluster as the as the Listener and the remote cluster in remote forwarding mode.
When you configure Fluent-Bit to support Splunk, the local logs are sent to Splunk using Fluent-Bit and the remote logs are sent to the fluent listener (Fluent-Bit). The Fluent-Bit in turn forwards the remote logs to Splunk.
To configure Fluent-Bit to support Splunk, use the following configuration:
configure
logging splunk listener enable
logging splunk listener external-ip external_vip_ip
logging splunk host splunk_host
logging splunk port splunk_port
logging splunk auth-token auth_token
NOTES:
-
logging splunk listener enable —Enable Fluent-Bit to send logs to Splunk.
-
logging splunk listener external-ip external_vip_ip —Specify the external virtual IP address of the local cluster.
-
logging splunk host splunk_host —Specify the Splunk host information.
-
logging splunk port splunk_port—Specify the Splunk port information.
-
logging splunk auth-token auth_token—Specify the Splunk Authentication Token for the HTTP Event Collector interface.