All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to add Windows Services and Application logs in Splunk Cloud?

shilpijain
Explorer
‎03-17-2017 12:57 PM

How to watch Windows service and application logs like -Activedocs Opus?
Do we need to edit inputs.conf in Splunk Add-on for Microsoft Windows for that?
If yes, what are config changes?

0 Karma
Reply

xavierashe
Contributor
‎04-29-2017 10:20 AM

This is the code you need in your inputs.conf for applications logs.

[WinEventLog://Application]
disabled = 0
start_from = oldest
current_only = 0
checkpointInterval = 5
index = wineventlog
renderXml=false
Reply

xavierashe
Contributor
‎04-29-2017 09:29 AM

Are you using a deployment server?

0 Karma
Reply

adonio
Ultra Champion
‎03-20-2017 05:46 AM

Hi shilpijain,
Yes, edit the Windows TA to collect application logs:
[WinEventLog://Application]
disabled = 1
start_from = oldest
current_only = 0
checkpointInterval = 5
index = wineventlog
renderXml=false
depends on the case, you will sometimes need to enable some auditing on windows server

0 Karma
Reply

xavierashe
Contributor
‎04-29-2017 09:30 AM

Close, but set disabled = 0.

0 Karma
Reply
Get Updates on the Splunk Community!

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

What’s New in Splunk Enterprise 9.4: Tools for Digital ResilienceTune in to What’s New in Splunk Enterprise ...

Get Schooled with Splunk Education: Explore Our Latest Courses

At Splunk Education, we’re dedicated to providing incredible learning experiences that cater to every skill ...

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...