Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How can I get the remote Windows Logs?

mailmetoramu
Explorer
‎06-04-2018 04:32 AM

Hi All,

Have installed Universal forwarder in my remote windows machine. Actually, have tried configuring ''Remote event Logs'' which was under ''Add Data''.

While configuring this, it's asking for the remote window machine name & while entering it's throwing the below error :

''Unable to get wmi classes from host 'XXYYZZ'. This host may not be reachable or WMI may be misconfigured''

Can anyone help on this to get my remote windows logs?

Thanks,

Ramu.R

Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

FrankVl
Ultra Champion
‎06-04-2018 04:54 AM

If you want to collect the logs through the UF, then you shouldn't use Add Data -> Remote Windows Logs on your Enterprise instance (at least I assume that's where you were trying that?). You need to either configure the inputs locally on the UF, or by using forwarder management from an Enterprise instance (turning that into a Deployment Server for your UFs).

View solution in original post

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...