Getting Data In

How to configure a universal forwarder on Windows to send data to another Windows system?

rakeshh123
Path Finder

I already installed the universal forwarder on a Windows system. What I would like to do is get the data into another Windows system from the forwarder, but I can't figure this out, so please help me.
I have set the forwarder and receiver to listen on port 9997.

I configured like this on my receiver machine:

inputs.conf file

[default]
host = TRAINING12

[splunktcp://9997]
connection_host=ip

deployementclient.conf

[deployment-client]

[target-broker:deploymentServer]
targetUri= deploymentserver.splunk.satishnagalla:9997

serverclass.conf

[serverClass:satishnagalla:app:_server_app_rakesh]
restartSplunkWeb = 0
restartSplunkd = 0
stateOnClient = enabled

[serverClass:satishnagalla]
whitelist.0 = *

[serverClass:satishnagalla:app:_server_app_satishnagalla]

I configured like this in my forwarder machine:

output.conf file:

[tcpout]
defaultGroup=receiver
indexAndForward=true

[tcpout:receiver]
disabled = false
server=VEDICINDIA-PC:9996,TRAINING12:9997

[tcpout-server://TRAINING12:9997]

inputs.conf file:

[default]
host = satishnagalla

[script://$SPLUNK_HOME\bin\scripts\splunk-wmi.path]
disabled = 0
0 Karma

Umesh_Vedicsoft
Path Finder

i got the answer from somebody else which is related to your question. It may use full for you check it once.
https://answers.splunk.com/answers/352888/how-to-configure-the-splunk-universal-forwarder-an.html

skoelpin
SplunkTrust
SplunkTrust

Is your outputs.conf pointing to your indexer?

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...