This app contains sourcestypes for vsftpd logs, and xfer logs when enabled. There's no prerequisite for it, appart from having the default vsftpd log format.
Learn More about how I build this app here (in french, sorry about that), feel free to comment on this page in case you're having issues with this app. As it is under MIT licence, you can modify it almost as you want.
Fix field extraction regex (EXTRACT in props.conf) that was not present in 1.0.1 due to permission issues on the developpement server.
Multiple fixes in CIM model fileds.
V1 of TA for VSFTPD 3.0.3 log support in Splunk 7.0
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.