diff --git a/docs/sources/vendor/QNAP/nas.md b/docs/sources/vendor/QNAP/nas.md
new file mode 100644
index 0000000000..32925511ff
--- /dev/null
+++ b/docs/sources/vendor/QNAP/nas.md
@@ -0,0 +1,26 @@
+# Nas
+
+QNAP NAS QTS|QES shares a common syslog format.
+
+## Key facts
+
+* RFC3164
+* Program based filter
+
+## Links
+
+| Ref | Link |
+|----------------|------------------------------------------|
+| Splunk Add-on | |
+
+## Sourcetypes
+
+| sourcetype | notes |
+|----------------|-----------------|
+| qnap:syslog | QNAP NAS syslog |
+
+## Sourcetype and Index Configuration
+
+| key | sourcetype | index | notes |
+|----------|----------------|----------------|-----------------|
+| qnap_nas | qnap:syslog | infraops | none |
diff --git a/package/etc/conf.d/conflib/syslog/app-syslog-qnap_nas.conf b/package/etc/conf.d/conflib/syslog/app-syslog-qnap_nas.conf
new file mode 100644
index 0000000000..88b0d51228
--- /dev/null
+++ b/package/etc/conf.d/conflib/syslog/app-syslog-qnap_nas.conf
@@ -0,0 +1,21 @@
+block parser qnap_nas-parser() {
+ channel {
+ rewrite {
+ r_set_splunk_dest_default(
+ index('infraops')
+ source("program:qulogd")
+ sourcetype('qnap:syslog')
+ vendor('qnap')
+ product('nas')
+ template('t_standard')
+ );
+ };
+ };
+};
+
+application qnap_nas[sc4s-syslog-pgm] {
+ filter {
+ program('qulogd' type(string) flags(prefix));
+ };
+ parser { qnap_nas-parser(); };
+};
diff --git a/tests/test_qnap_nas.py b/tests/test_qnap_nas.py
new file mode 100644
index 0000000000..3a62bbaa61
--- /dev/null
+++ b/tests/test_qnap_nas.py
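Review bot: `program('qulogd' type(string) flags(prefix))` in the `application qnap_nas` filter is a prefix match, so any program name that merely starts with `qulogd` is routed to index `infraops` as `qnap:syslog`, which is broader than the exact program name the rewrite records in `source("program:qulogd")`; if the wider match is deliberate, the file should say so, since it carries no comment at all. A one-line header above `block parser qnap_nas-parser()` such as `# QNAP NAS (QTS/QES): events whose program name starts with "qulogd" -> index infraops, sourcetype qnap:syslog` would make the routing readable without opening the docs page. Both sample events quoted in the new test use the exact program `qulogd[13241]`, so an exact `type(string)` match without `flags(prefix)` would also cover them, though other QNAP program names are not shown here, so the prefix may be intentional.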
@@ -0,0 +1,44 @@
+# Copyright 2019 Splunk, Inc.
+#
+# Use of this source code is governed by a BSD-2-clause-style
+# license that can be found in the LICENSE-BSD2 file or at
+# https://opensource.org/licenses/BSD-2-Clause
+import random
+
+from jinja2 import Environment
+
+from .sendmessage import *
+from .splunkutils import *
+from .timeutils import *
+
+env = Environment()
+
+# <30>Jul 15 18:03:54 NAShostname qulogd[13241]: conn log: Users: admin, Source IP: 10.0.0.1, Computer name: ---, Connection type: HTTP, Accessed resources: ---, Action: Logout
+# <30>Jul 15 18:06:46 NAShostname qulogd[13241]: conn log: Users: admin, Source IP: 10.0.0.1, Computer name: localhost, Connection type: SMB, Accessed resources: Multimedia/folder/file.txt, Action: Read
+def test_qnap_nas_qts(record_property, setup_wordlist, setup_splunk, setup_sc4s):
+ host = "{}-{}".format(random.choice(setup_wordlist), random.choice(setup_wordlist))
+
+ dt = datetime.datetime.now()
+ iso, bsd, time, date, tzoffset, tzname, epoch = time_operations(dt)
+
+ # Tune time functions
+ epoch = epoch[:-7]
+
+ mt = env.from_string(
+ "{{mark}}{{ bsd }} qnap-{{host}} qulogd[13241]: conn log: Users: admin, Source IP: 10.0.0.1, Computer name: localhost, Connection type: SMB, Accessed resources: Multimedia/folder/file.txt, Action: Read"
+ )
+ message = mt.render(mark="<27>", bsd=bsd, host=host)
+ sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
+
+ st = env.from_string(
+ "search _time={{ epoch }} index=infraops sourcetype=qnap:syslog host=qnap-{{host}}"
+ )
+ search = st.render(epoch=epoch, host=host)
+
+ resultCount, eventCount = splunk_single(setup_splunk, search)
+
+ record_property("host", host)
+ record_property("resultCount", resultCount)
+ record_property("message", message)
+
+ assert resultCount == 1
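Review bot: The rendered fixture uses `mark="<27>"` while both reference events quoted in the comments above `test_qnap_nas_qts` carry PRI `<30>`, so the test sends a different PRI value than the device examples it is meant to reproduce; the new .conf filters on program name only and appears not to key on PRI, so the test still passes, but the fixture should match the real event, `message = mt.render(mark="<30>", bsd=bsd, host=host)`. Separately, `datetime.datetime.now()` relies on `datetime` arriving through one of the `from . import *` lines, which the file never makes explicit; an `import datetime` next to `import random` would remove that dependence on wildcard re-exports. The unpacked `iso`, `time`, `date`, `tzoffset`, `tzname` and `eventCount` are never read and could be replaced with `_` placeholders, and `time` and `date` shadow stdlib module names.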