Solved: Ingesting Windows Service Status Data?

jamie1 · ‎03-27-2023

Hi There,

I am new to Splunk and am currently trying to get Windows Services data into Splunk. I am using Splunk Cloud and already have Windows Event Log data being ingested via a Universal Forwarder. I was attempting to make use of a search via Splunk Security Essentials and saw the following:

Unfortunately, when trying to find help online or on Splunk Docs, I only saw solutions about changing inputs.conf. However, as I am on Splunk Cloud, I do not know if this would be possible.

Any help would be appreciated,

Jamie

richgalloway · ‎03-27-2023

The inputs.conf file is on your UF, which you can access.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎03-27-2023

The inputs.conf file is on your UF, which you can access.

---
If this reply helps you, Karma would be appreciated.

jamie1 · ‎03-31-2023

Hey,

This information helped, thanks man 🙂

Jamie

Ingesting Windows Service Status Data?

inputs.conf

universal forwarder

Windows

Streamline Data Ingestion With Deployment Server Essentials

Remediate Threats Faster and Simplify Investigations With Splunk Enterprise Security ...

Introduction to Splunk AI