Getting Data In

Logs from remote host

andrey2007
Contributor

I have access to shared folder in my network. I want to get logs for Splunk from this folder. How can i make it? May i add this folder in Manager » Data inputs » Files & directories or i need forwarder.

Tags (2)

treinke
Builder

If it is Windows to Windows, I believe you can use UNC paths. In the manager, go to Data inputs, Files & directories, New. In the "Full path to your data", enter the full path to the files/folder.

\\machine.domain.com\path\to\your\files\

*sorry, all my Splunk servers are Linux

There are no answer without questions

gkanapathy
Splunk Employee
Splunk Employee

correct, the Splunk service would have to run as a network/domain user with access to the UNC path. Otherwise, you would run a local forwarder on the source machine.

0 Karma

mikelanghorst
Motivator

I'm in the same boat, use very little windows so far. Splunk would need to run as a Domain user, not Local System for this to work.

andrey2007
Contributor

Windows machines, i use login and pasword for access to shared folder

0 Karma

treinke
Builder

Are these Windows or *nix machines?

There are no answer without questions
0 Karma
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...