Getting Data In

Forwarding Logs

Aw123
New Member

Hi! I have successfully installed a Splunk forwarder on the EC2 instance which my Python application is living. How do I tell the application what to send to the forwarder. Is there some sort of sys logging that I need to do, will the forwarder pick up all application output (prints, debugs, etc.) or how does that work?

Labels (1)
0 Karma

rupkumar4sec
Path Finder

If your application stores logs in a physical location on your EC2 instance you can simply monitor that file/directory. 

[monitor:<filepath>]
sourcetype = <sourcetype>
index = <index>
host =

add any other setting you need.  Check below document for your reference
https://docs.splunk.com/Documentation/Splunk/8.2.0/Admin/Inputsconf#inputs.conf.spec 

 

0 Karma

Aw123
New Member

Thanks for replying. Currently these logs are forwarding to Splunk cloud, I more or else am confused on how to dictate what exactly is forwarded!

0 Karma

rupkumar4sec
Path Finder

you should be able get that information from using btool command

./splunk btool inputs list --debug

run this command from $SPLUNK_HOME$/bin

0 Karma
Get Updates on the Splunk Community!

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...

Exporting Splunk Apps

Join us on Monday, October 21 at 11 am PT | 2 pm ET!With the app export functionality, app developers and ...

[Coming Soon] Splunk Observability Cloud - Enhanced navigation with a modern look and ...

We are excited to introduce our enhanced UI that brings together AppDynamics and Splunk Observability. This is ...