In syslog-ng OSE versions older than 4.2, use the http() destination. In version older than 3.8, use the program() destination.

For details on forwarding log messages to Splunk with syslog-ng OSE see the following posts on the Splunk blog:

From version 4.2 syslog-ng OSE can send messages to the Splunk HTTP Event Collector(HEC). For details, see splunk-hec-event: Send log messages to Splunk HEC.

Updated: