send puppet report to splunk

asked 2017-02-07 03:15:42 -0600

I was trying to setup reporting all the events of around 1000 nodes to splunk for enabling audit of the environment,

Has any one done something similar or related, Please give me suggestions or process outline on how to set this up. If you used any modules for log processor in github that would be of help too.


edit retag flag offensive close merge delete


/var/log/puppetlabs stores all the logs you would need. You would need to point the splunk forwarder to these log locations.

puser gravatar imagepuser ( 2017-02-09 06:48:31 -0600 )edit

Ok the requirement is; 1. Send the change events to syslog for Splunk and qradar. 2. Should support all puppet version above 3.7 So do we need any report processor or just forward the syslog to the central server from the master. Thanks

Puppetartistry gravatar imagePuppetartistry ( 2017-02-10 00:14:34 -0600 )edit