How to import exported Windows event logs into Splunk

ramya_k
Engager

This is a one-time activity. I have the evtx files and want to upload them to Splunk for analysis.

0 Karma

FrankVl
Ultra Champion
0 Karma

ramya_k
Engager

That has more details on how to import remote evtx logs. Any specific details on how to import already exported logs? I have the evtx files for investigation.

0 Karma

FrankVl
Ultra Champion

The section I linked to is all about ingesting exported evtx files. As it is explained there: use a Windows box and create a file monitor input that monitors the folder that holds the evtx files. Apart from some of the constraints mentioned in the docs, it is as simple as that.

0 Karma
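
A file monitor input of the kind described in the answer above, written as an `inputs.conf` stanza. This is an added example, not part of the original thread or the Splunk documentation; the folder `C:\evtx_import` and the index name `evtx_investigation` are assumptions, and the index must already exist.

```ini
# inputs.conf on the Windows host running Splunk Enterprise or a universal forwarder.
# Assumed folder: copy the exported .evtx files here before enabling the input.
[monitor://C:\evtx_import]
# Only pick up exported event log files; ignore anything else in the folder.
whitelist = \.evtx$
# Assumed index name: a dedicated index keeps the investigation data
# separate from live Windows event logs and easy to delete afterwards.
index = evtx_investigation
disabled = 0
```

Restart the Splunk instance after adding the stanza so the new input is read.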