topic Re: Application and Services Event Logs not appearing in Getting Data In https://community.splunk.com/t5/Getting-Data-In/Application-and-Services-Event-Logs-not-appearing/m-p/82141#M16969 <P>To be sure I would change your stanzas to use <CODE>WinEventLog</CODE> instead of <CODE>winEventLog</CODE>.</P> <P>I would then look at the following documentation, as you may need to include the full path the event log:</P> <P><A href="http://docs.splunk.com/Documentation/Splunk/5.0.3/Data/MonitorWindowsdata#Event_log_monitor_configuration_values">http://docs.splunk.com/Documentation/Splunk/5.0.3/Data/MonitorWindowsdata#Event_log_monitor_configuration_values</A></P> <P>I also assume you search starts with:</P> <PRE><CODE> index=wineventlog </CODE></PRE> <P>Hope this helps.</P> Tue, 02 Jul 2013 16:13:43 GMT MHibbin 2013-07-02T16:13:43Z Application and Services Event Logs not appearing https://community.splunk.com/t5/Getting-Data-In/Application-and-Services-Event-Logs-not-appearing/m-p/82140#M16968 <P>Hello,</P> <P>We are trying to setup Splunk to monitor custom application event logs that are already added to the event viewer. Here is an example of the inputs.conf example we are using and we are running the service as system. Any ideas why it is not collecting these event logs?</P> <PRE><CODE>[winEventLog:DBMApplicationEventLog] disabled = 0 index = wineventlog current_only = 1 [winEventLog:DBMBusinessEventLog] disabled = 0 index = wineventlog current_only = 1 </CODE></PRE> <P><IMG src="http://splunk-base.splunk.com//storage/2013-07-02_1135.png" alt="alt text" /></P> Tue, 02 Jul 2013 15:40:48 GMT https://community.splunk.com/t5/Getting-Data-In/Application-and-Services-Event-Logs-not-appearing/m-p/82140#M16968 aaronkorn 2013-07-02T15:40:48Z Re: Application and Services Event Logs not appearing https://community.splunk.com/t5/Getting-Data-In/Application-and-Services-Event-Logs-not-appearing/m-p/82141#M16969 <P>To be sure I would change your stanzas to use <CODE>WinEventLog</CODE> instead of <CODE>winEventLog</CODE>.</P> <P>I would then look at the following documentation, as you may need to include the full path the event log:</P> <P><A href="http://docs.splunk.com/Documentation/Splunk/5.0.3/Data/MonitorWindowsdata#Event_log_monitor_configuration_values">http://docs.splunk.com/Documentation/Splunk/5.0.3/Data/MonitorWindowsdata#Event_log_monitor_configuration_values</A></P> <P>I also assume you search starts with:</P> <PRE><CODE> index=wineventlog </CODE></PRE> <P>Hope this helps.</P> Tue, 02 Jul 2013 16:13:43 GMT https://community.splunk.com/t5/Getting-Data-In/Application-and-Services-Event-Logs-not-appearing/m-p/82141#M16969 MHibbin 2013-07-02T16:13:43Z