Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Generate test logs in Windows

thepocketwade
Path Finder
‎10-25-2010 03:50 PM

I'm trying to test some things with my Splunk Windows installs and I'd like to have reliable test data. When I test *nix logs with Splunk I tend to use 'logger' to create the messages. I've been unable to find an equivalent for Windows (preferably 7). Does something like that exist? or is there a technique to force Windows to send logs (without having to actually do the action that makes the log?)

Tags (1)
0 Karma
Reply

malmoore
Splunk Employee
Splunk Employee
‎01-12-2011 10:35 PM

Eventcreate sounds like what you might be looking for:

More on eventcreate - yes, it's the XP docs, but it 100% works in 2003.

Reply

Genti
Splunk Employee
Splunk Employee
‎10-25-2010 04:44 PM

well, you could just eat your event logs, no?
On your Manager » Data inputs , get WMI events and system logging to come in, youll see plenty of goodies for you to test on.

0 Karma
Reply

thepocketwade
Path Finder
‎10-25-2010 05:42 PM

I could, and in fact I already am. What I'm looking for is a way to generate logs with any EventCode for testing purposes. That way, I can know for certain that EventCode = 1901 was sent, and can then verify that it was indexed (or not) properly.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...