Summary
The key takeaways from this chapter are:
Splunk can easily monitor individual files or whole directories to collect the many log files you have access to
Network ports can be used to collect socket-based data, such as syslog
The Splunk Universal Forwarder can be used to collect data that is located on remote hosts and is not directly accessible from your Splunk server
Leverage the Splunk community to get modular inputs for additional sources of data
Use event types and field transforms to normalize your data to make searching easier