B. Similarly, once ive finished the settings for above qn, how do i reset it for it to take effect? im pretty unclear as im used to websplunk. Likewise, for the "deployment PC", do i need to configure anything to receive it?
C. I read about configuring the receiver first before doing forwarding. but am somehow confused with the settings for the respective .conf files.
Hopefully some of you folks here can enlighten me.
Some "nt sure if relevant" details:
Forwarder: to forward different kinds of logs from various directories.
Im sure there is something i need to do for inputs.conf so i can monitor and index them properly but am unsure how to do it. (i have only tested with local logs before)