I have access to shared folder in my network. I want to get logs for Splunk from this folder. How can i make it? May i add this folder in Manager » Data inputs » Files & directories or i need forwarder.
If it is Windows to Windows, I believe you can use UNC paths. In the manager, go to Data inputs, Files & directories, New. In the "Full path to your data", enter the full path to the files/folder.
*sorry, all my Splunk servers are Linux
correct, the Splunk service would have to run as a network/domain user with access to the UNC path. Otherwise, you would run a local forwarder on the source machine.
I'm in the same boat, use very little windows so far. Splunk would need to run as a Domain user, not Local System for this to work.
Windows machines, i use login and pasword for access to shared folder
Are these Windows or *nix machines?