I am new to Splunk and am currently trying to get Windows Services data into Splunk. I am using Splunk Cloud and already have Windows Event Log data being ingested via a Universal Forwarder. I was attempting to make use of a search via Splunk Security Essentials and saw the following:
Unfortunately, when trying to find help online or on Splunk Docs, I only saw solutions about changing inputs.conf. However, as I am on Splunk Cloud, I do not know if this would be possible.
Any help would be appreciated,