Is there a step by step setup link for Splunk conf...

jasreets · ‎11-28-2022

Hi All,

We are tring to collect the Desktop experience data in Splunk using the Uber Agent.

We have installed the Splunk Enterprise trial setup on a Windows Machine and the same machine hosts the Uberagent as well as an additional machine has uber agent sending logs to this server.

Due to the message popup we created an index for incoming uberagent data and can see the events piling up in that index; but failed to get them populated under any dashboard or searches.

Please share if there exists a step by step setup link for this architecture or suggest if there needs to be additonal configuration done to support UberAgent logs.

richgalloway · ‎11-29-2022

How do you see events piling up in the index if you can't search the index? Does your role have read permission on the index? How are you trying to get the data into a search or dashboard? Please share the SPL.

---
If this reply helps you, Karma would be appreciated.

Is there a step by step setup link for Splunk configuration with UberAgent?

Windows

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation