Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Trying to monitor local macOS system logs and performance data as remote log from Ubuntu instance on VirtualBox

Herman
Explorer
‎03-21-2021 10:42 AM

I am trying to get my Ubuntu instance on VirtualBox to ingest my mac's system logs and performance data as remote logs.

I already installed the add-on for linux and unix and configured the forwarding host as 10.0.2.255:9997 on my Mac and receiving port as 9997 on the Ubuntu instance. 

I edited the input.config of the add-on for linux and unix and enable all the metrics and put the 'index = mac' on every one of them.

I already added the index 'mac' for the admin on the ubuntu instance. However, when I searched 'index = mac' on the ubuntu instance, there is no data. 

Is there something important that I am missing? Any help would be appreciated as this is really important as this will determine whether I will have the opportunity. Many thanks!

Preview file
566 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...