Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Hiow to forward events from servers and network devices

ppram
New Member
‎04-01-2011 07:14 AM

We have a splunk Indexer based on Linux and we have around 40+ servers and network devices in our network.

Want to know how to get all these servers and network devices forward SYSlogs and event logs to the splunk Indexer.

Do I have to install a splunk agent in all the servers? If Yes, what is a Splunk Agent? How do I tell the network devices to send the SYSlog and SNMP logs to Splunk Indexer?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎04-01-2011 11:50 AM

Hello ppram

best thing to do, read the manual http://www.splunk.com/base/Documentation/latest/Data/WhatSplunkcanmonitor and I think all your questions will be answered.

regards, MuS

View solution in original post

Reply
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎04-01-2011 11:50 AM

Hello ppram

best thing to do, read the manual http://www.splunk.com/base/Documentation/latest/Data/WhatSplunkcanmonitor and I think all your questions will be answered.

regards, MuS

Reply
Solved! Jump to solution

MuS
SplunkTrust
SplunkTrust
‎04-05-2011 05:23 AM

Hi ppram

yes, install a light weight forwarder or as from 4.2 on, an universal forwarder on that windows server, configure it as needed and your done.

Reply
Solved! Jump to solution

ppram
New Member
‎04-04-2011 03:01 PM

HI MuS,

Thanks for helping me on this. Now for example if I have a windows server I want to collect all the windows event logs and send it to the Splunk Indexer in another server.

I need to install the splunk in that Windows server and then install the windows APP and forward the log to the Splunk Indexer server?

Please correct me if I am wrong.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...