All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why is "WinHostMon://Service not working

Alan_Chan
Explorer
‎02-07-2024 10:45 PM

Hi all,

I am experiencing an issue with the Splunk WinHostInfo input. It is not working after being deployed to the universal forwarder, whereas the other logs from the same device are successfully received. Does anyone have any idea or suggestions on how to resolve this?

Tags (1)
0 Karma
Reply

danielcj
Communicator
‎02-09-2024 12:39 PM

Hello @Alan_Chan ,

Could you please share the configuration of the inputs.conf file for the WinHostMon://Service input?

Please make sure that the disabled=0 is configured for this input and also that a restart in the splunk service was done after the changes on the inputs.conf file. Also, it is recommended to execute a btool command to make sure that this configuration is with the correct precedence:

splunk btool inputs list --debug

Thanks.

0 Karma
Reply

Alan_Chan
Explorer
‎02-13-2024 06:18 PM

Hi @danielcj,

Here are the configuration:
[WinHostMon://Service]
interval = 600
disabled = 0
type = Service
index = windows

After execute "splunk list inputstatus" on the UF, I could not found splunk-winhostinfo.exe (WinHostMon://Service) running

0 Karma
Reply
Get Updates on the Splunk Community!

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

The Latest Cisco Integrations With Splunk Platform!

Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...

AI Adoption Hub Launch | Curated Resources to Get Started with AI in Splunk

Hey Splunk Practitioners and AI Enthusiasts! It’s no secret (or surprise) that AI is at the forefront of ...
Top