I'm looking to replace a small Splunk instance with Graylog. One of things that sends logs into Splunk now is many remote field offices' worth of routers and switches. All via UDP 514. I had originally thought once I got everything configured I could simply shut down the Splunk server and assign it's IP address to Graylog and be good to go. However all of those remote devices are set to transmit on port 514, and I can't create an input on Graylog for that port number (partially because it's in use by the systems own syslog service and partially because I can't assign an input on a low numbered port number).
What are my options besides reconfiguring all of those switches and routers? Nathan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/85ae7a83-52f1-423e-b4ab-acaed966de08%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
