Graylog Splunk Plugin 0.4.0 with Graylog 3.2.2 not working

Hello,

I am using Graylog 3.2.2 (3 nodes cluster) and the Graylog Splunk Plugin 0.4.0 here: https://marketplace.graylog.org/addons/974efcc3-8d78-4847-becd-0f26821d2646

For the installation, I have copied the plugin on each of the graylog servers manually (was that correct or does the plugin get replicated automatically if copied to e.g. the master graylog server?).

I tried to configure the Splunk Plugin output to the all messages stream but got an error message at first. Unfortunately it disappeared to quickly. I retried the output assignment, then it worked but no effective output was generated.

Moreover, I had to restart the graylog servers because the message sync over the cluster was broken down.

Questions:
Is this plugin compatible with Graylog 3.2.2?
Is there a newer version than 0.4.0?
Is there any better way to forward messages from Graylog to Splunk?

Thanks and best regards,
Jan

he @janholzbecher

you can find the releases here: https://github.com/graylog-labs/graylog-plugin-splunk/releases

It might be that this plugin is not compatible with the latest Graylog release.

Hi Jan,

Thats exaclty the plugin I am using, however, not the RC version. Would you suggest using the RC?

Is there any alternative for a stream output to Splunk?

Best regards,

Jan

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.