Veeam App for Splunk 1.0
Veeam App for Splunk Guide
Search

Configuring Data Inputs

Data inputs configuration depends on your SIEM infrastructure. Veeam App for Splunk supports the following architectures:

  • Splunk acts as a receiver — receives data from Veeam Backup & Replication through the forwarder installed on the intermediate syslog server.
  • Splunk acts as a forwarder — receives data directly from Veeam Backup & Replication and forwards it to another Splunk instance, syslog server, or third-party solution.
  • Splunk acts as the only syslog server — receives data directly from Veeam Backup & Replication.

To configure data inputs, specify the veeam_vbr_syslog source type. For other settings, follow recommendations from Splunk documentation:

Important

To display data correctly, the format of syslog messages sent to Splunk must be the same as on Veeam Backup & Replication. For more information, see Specifying Syslog Servers in the Veeam Backup & Replication User Guide.

View all results across Veeam
Back to document search