Good Afternoon - I am new to Splunk and setting this up.
My aim is to push IIS W3C formatted files from our web server into Splunk Cloud.
I have installed the Universal forwarder on the web server where the log files currently are, and i am in the process of configuring the forwarder however i am having issues.
I have set up an index ready (i believe), however when attempting to configure the output.conf file i am not sure how to populate the command
./splunk add forward-server <host name or ip address>:<listening port>
Where can i locate the hostname and listening port for my Splunk Cloud Deployment?
Don't use that command. Go to the Universal Forwarder app in your Splunk Cloud instance and follow the instructions there. It will have an app for you to download and install on your UF. That app contains the information you need.