How do I find out the settings for a universal for...

teagerton · ‎06-04-2012

I've been given ownership of Splunk at my job. I've gone through most of the manuals, but I haven't seen anything that answers this question. The universal forwarder is on a Windows 2003 server and splunk is on it's own Red Hat server. Currently Splunk is working for all jobs that have been created, but I can't get the forwarder on windows to work.

jeff · ‎06-04-2012

More detail would be helpful to the community to give you better direction. Generically, you can figure out your applied settings by running the command:

splunk cmd btool [conf file] list --debug

... so to figure that you have the forwarder correctly configured to send data to your indexer, you would run

splunk cmd btool outputs list --debug

You can also dig through the logs at

$SPLUNK_HOME/var/log/splunk

mikelanghorst · ‎06-07-2012

pointing out that "cmd btool" is especially helpful in that it will show you the resulting configuration when you may have multiple apps' configuration files.

How do I find out the settings for a universal forwarder

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Are you a member of the Splunk Community?

How do I find out the settings for a universal forwarder

Community Content Calendar, November Edition

October Community Champions: A Shoutout to Our Contributors!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!