Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Universal Forwarder use to forward data to non splunk system

ajaykulkarni
Engager
‎10-04-2012 04:09 AM

Hi All,

I am new to splunk.
I am using Splunk Universal Forwarder to transfer data to Splunk Server. So I don't need to care where it stores the forwarded data!

But now the situation is I have only forwarder and I need to forward data to non splunk server (a dumb machine). Here how to configure the forwarder and mostly On the Dumb machine how to receive the data?

Simply I need to receive data on my local machine directory: c:\ReceivedDataFrom\Client1\Folder from Splunk forwarder installed on Client1

Thanks.

0 Karma
Reply

ajaykulkarni
Engager
‎10-04-2012 04:34 AM

A Windows based machine where I can receive files at specific folder from client machine having Universal Forwarders installed.

0 Karma
Reply

sdaniels
Splunk Employee
Splunk Employee
‎10-04-2012 04:33 AM

Splunk forwarders will only send data to a 3rd party via UDP or TCP. See docs below.

http://docs.splunk.com/Documentation/Splunk/5.0/Deploy/Forwarddatatothird-partysystemsd

0 Karma
Reply

ajaykulkarni
Engager
‎10-04-2012 04:52 AM

So forwarder will send data to a tcp port (lets say x.x.x.x:11000 where x.x.x.x is server's IP) to specific 3rd party server and on this server I need to have some application which listen port 11000 for incoming data.

Correct me if I am wrong. 🙂

0 Karma
Reply

Ayn
Legend
‎10-04-2012 04:44 AM

It's up to you to setup the 3rd party solution, that's not something you will achieve with Splunk.

0 Karma
Reply

ajaykulkarni
Engager
‎10-04-2012 04:42 AM

Hi All,

Simply please provide me a solution for the below problem,

  1. I have one Windows based client machine C1 with Splunk Universal Forwarder.
  2. I have one Windows based Machine where I want to receive the files.
  3. On this machine I want to receive files as c:\FileFromC1\ReceivedFile

So How I configure Forwarder and How I store it once received?

Please help.

0 Karma
Reply

Ayn
Legend
‎10-04-2012 04:31 AM

What kind of "dumb machine" are we talking about? Splunk light forwarders cannot forward data to anything but other Splunk instances.

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...