https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569245#M15635 <P>So I am very new to Splunk and I have just started using it. What I want to do is be able to view my own laptops operating system file logs and performance data. What I have been doing is logging onto my splunk and then selecting the "add data" button. From there I select the "monitor" button. For example I have chosen to monitor&nbsp; my local events log but for some reason when I try to search anything I get nothing so something is wrong and I dont know what.</P><P>&nbsp;</P><P>Please help</P> Thu, 30 Sep 2021 23:46:45 GMT rcon313 2021-09-30T23:46:45Z https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569245#M15635 <P>So I am very new to Splunk and I have just started using it. What I want to do is be able to view my own laptops operating system file logs and performance data. What I have been doing is logging onto my splunk and then selecting the "add data" button. From there I select the "monitor" button. For example I have chosen to monitor&nbsp; my local events log but for some reason when I try to search anything I get nothing so something is wrong and I dont know what.</P><P>&nbsp;</P><P>Please help</P> Thu, 30 Sep 2021 23:46:45 GMT https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569245#M15635 rcon313 2021-09-30T23:46:45Z https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569272#M15636 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/239158">@rcon313</a>,</P><P><SPAN>probably you need to have a training before to start to work on Splunk.</SPAN></P><P><SPAN>You could&nbsp;</SPAN><SPAN>follow the Splunk Fundamentals I course (</SPAN><A href="https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html" target="_blank" rel="nofollow noopener noreferrer">https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html</A><SPAN>) that's a free course and the Search Tutorial (</SPAN><A href="https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchTutorial/WelcometotheSearchTutorial" target="_blank" rel="nofollow noopener noreferrer">https://docs.splunk.com/Documentation/Splunk/8.1.0/SearchTutorial/WelcometotheSearchTutorial</A><SPAN>) that help you to understand how Splunk searches work.</SPAN></P><P><SPAN>About the ingestion of windows logs, there's an interesting video in the download page of splunk that could help you to understand how Splunk ingests local logs.</SPAN></P><P><SPAN>Then these other videos on YouTube:</SPAN></P><P><A href="https://www.youtube.com/watch?v=3GKhCZfQqDM" target="_blank">https://www.youtube.com/watch?v=3GKhCZfQqDM</A>&nbsp;</P><P><SPAN><A href="https://www.youtube.com/watch?v=1AyJaKxks-I" target="_blank">https://www.youtube.com/watch?v=1AyJaKxks-I</A></SPAN></P><P><SPAN><A href="https://www.youtube.com/watch?v=rT-O80XfWuY" target="_blank">https://www.youtube.com/watch?v=rT-O80XfWuY</A></SPAN></P><P><SPAN><A href="https://www.youtube.com/watch?v=sLMIEjgD6UY" target="_blank">https://www.youtube.com/watch?v=sLMIEjgD6UY</A></SPAN></P><P><SPAN>maybe someone is late but this part is almost the same.</SPAN></P><P><SPAN>Ciao.</SPAN></P><P><SPAN>Giuseppe</SPAN></P> Fri, 01 Oct 2021 06:45:12 GMT https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569272#M15636 gcusello 2021-10-01T06:45:12Z https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569316#M15637 <P>Hi Gcusello,</P><P>I finished the fundamentals part 1 course yesterday. It was a good course but it only really covered how to upload data into splunk. Maybe its a wee bit different for when you monitor your own system. I will have a look at the videos you sent me as well.&nbsp;</P><P>Thank you very much&nbsp;</P> Fri, 01 Oct 2021 11:37:22 GMT https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569316#M15637 rcon313 2021-10-01T11:37:22Z https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569341#M15639 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/239158">@rcon313</a>,</P><P>there are two videos that describe how to ingest Windows logs.</P><P>Anyway, I usually don't start from Add Data, but from Data Inputs, I Use Add-Data when I want to upload logs from a text or csv file.</P><P>So if you want to take the logs from the machine where Splunk is installed, you have to see in the menu choice [Settings -- Data Inputs] and choose the logs you want:</P><UL><LI>Local Eventlog Collection for Wineventlogs,</LI><LI>Files &amp; Directories to read logs e.g. from IIS,</LI><LI>Local Performance Monitor to take the performance counters</LI><LI>and so on.</LI></UL><P>Please, let me know if my answer solved your need, in this case, please accept it for the other people of Community, otherwise, tell me how can I help you.</P><P>Ciao and happy splunking.</P><P>Giuseppe</P><P>P.S.: Karma Points are appreciated <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P><P>&nbsp;</P> Fri, 01 Oct 2021 14:04:03 GMT https://community.splunk.com/t5/Security/how-do-i-monitor-my-own-system/m-p/569341#M15639 gcusello 2021-10-01T14:04:03Z