Hi to all,
I've tried to configure my OSX Splunk server so it will accept data from the syslog deamon (see: https://wiki.splunk.com/Community:HowTo_Configure_Mac_OS_X_Syslog_To_Forward_Data).
I've edited the /etc/syslog.conf file and added ".<tab><tab> x.x.x.x". (Where x.x.x.x is the IP of my machine where Splunk should be listening).
After that, I stopped and restarted the Syslog Deamon (as explained in the tutorial).
When I log into Splunk, there is no data. Splunk tells me: "waiting for data". Do I need to configure Splunk to "receive" the data? And how do I do that?
Thanks in advance!