How to send visual studio application log to Splun...

j_rajesh · ‎03-28-2017

I have installed Splunk Enterprise. Need to know the basic steps to send log data from my standalone visual studio application.

skoelpin · ‎03-28-2017

I'm assuming Splunk is installed on a separate server that visual studio is installed on?

If so then install a Splunk Universal Forwarder on the server with visual studio. Once installed, go back to the server where Splunk is installed and configure it to receive traffic via port 9997 by Settings > Forwarding and Receiving > Configure Receiving > New > Add 9997

You can also create a new index while on this server (I'd recommend doing so)

Now go back to the server where you installed the Splunk forwarder, go under $SPLUNK_HOME/etc/apps/search/local and create 2 files.. The first file is called inputs.conf and the second file will be called outputs.conf

Inputs.conf

[monitor://PATH_TO_YOUR_LOG_FILE]
index=YOUR_INDEX_NAME
sourcetype=YOUR_SOURCETYPE

Outputs.conf

[tcpout]
defaultGroup = default-autolb-group

[tcpout:default-autolb-group]
disabled = false
server = YOUR_INDEXER_IP_ADDRESS:9997

Restart Splunkd on the forwarder after making these changes by going to $SPLUNK_HOME/bin and ./splunk restart

http://docs.splunk.com/Documentation/Splunk/6.5.2/Data/Getstartedwithgettingdatain

How to send visual studio application log to Splunk Enterprise instance?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

Join the Conversation