the documentation does not have windows instructions for configuring the forwarder on a windows machine to communicate with your instance in splunk cloud. It merely says download and run the app, which I assume means put the credentials install file on the target windows machine you want to monitor and run it from the installed forwarders etc/bin directory" Well I did this and nothing happened.
Has someone come up with a step by step guide for doing this yet?
We had to change permissions on the installed forwarder directory and all subdirectory and files then edit the command in the instructions so it would work in windows. after that we needed to take the resulting config and auth files and put them into the etc/system/local directory for it to work. None of that was in the instructions however.
Were you getting a file permission error when attempting to run the commands on the forwarder? We will be updating the instructions to include steps for Windows hosts, but I am curious as to what made you have to "change permissions on the installed forwarder directory." You should not have to do that normally. Thanks.
If you are using Splunk Cloud self-service look for the Universal Forwarder app that is installed in your Splunk Cloud deployment. It should contain additional instructions for getting your forwarder to communicate with Splunk Cloud.
Hi Cuyose, the Splunk Cloud documentation (http://docs.splunk.com/Documentation/SplunkCloud/SplunkCloud/User/AddDataUnivFrwrder) provides links to instructions for installing a Universal Forwarder on both Windows and non-Windows systems. If you have looked at the docs already and find that they don't have the information you need, do let us know. Thanks!