Introduction

Configure pfSense to Forward Syslog Data to Splunk

Set Up Splunk to Receive Syslog Data on Port 514

Set Up Splunk Indexer to Receive Data on Port 9997

Install Splunk Universal Forwarder on the Windows VM

Windows Firewall Setup for Splunk Forwarder Traffic

Setting Up Event Collector and Splunk Forwarder

Restart Splunk Forwarder via Command Prompt (Windows VM)

Restart Splunk Using the Web GUI

Checking Logs Transfer Success

References