Getting Data In

What do I need to install on 8 Windows machines to send security logs to Splunk Light, and how can I handle the installation and configurations remotely?

dpohli
New Member

I am attempting to set up 8 Windows machines to send the security logs to the Splunk Light server.
1) What exactly do I need to install on each machine?
2) Is there a command line to do it either silently or as a remote push?
3) What is the best place to see the configuration of which ports are being used?

I have searched and found fragments, not any kind of step by step instructions.

Thanks for the help in advance.

0 Karma

bohanlon_splunk
Splunk Employee

1) What exactly do I need to install on each machine?
Install the Universal forwarder.
http://www.splunk.com/en_us/download/universal-forwarder.html

2) Is there a command line to do it either silently or as a remote push?
Docs are here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/Chooseyourplatform#Install_the_universa...

Also here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/DeployaWindowsdfviathecommandline
(check the "When to install from the command line?" section)

3) What is the best place to see the configuration of which ports are being used?
Read these docs: http://wiki.splunk.com/Where_do_I_configure_my_Splunk_settings%3F

Also this:
http://www.splunk.com/en_us/products/splunk-light/splunk-light-vs-splunk-enterprise.html

0 Karma
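
Added example, not part of the thread or of Splunk's documentation: a PowerShell sketch of the silent, remote Universal Forwarder install the question asks about, which checks the installer hash before pushing it and confirms the service on each host afterwards. It assumes PowerShell remoting (WinRM) is enabled on the targets and that the Splunk Light server is already listening for forwarders. The host names, file paths, receiver address, port 9997 and the hash are placeholders.

```powershell
# Added example. All names, paths, the receiver address/port and the hash
# below are assumptions or placeholders; replace them with your own values.
$Hosts    = 'WIN01', 'WIN02'                      # hypothetical; list all 8 machines
$Msi      = 'C:\Staging\splunkforwarder.msi'      # installer downloaded from splunk.com
$Receiver = 'splunklight.example.local:9997'      # assumed receiving host:port
$Expected = '<SHA256-OF-THE-INSTALLER-YOU-DOWNLOADED>'   # placeholder

# Refuse to distribute an installer whose hash does not match the recorded one.
$actual = (Get-FileHash -Path $Msi -Algorithm SHA256).Hash
if ($actual -ne $Expected) { throw "Installer hash mismatch: $actual" }

$report = foreach ($h in $Hosts) {
    $session = New-PSSession -ComputerName $h
    try {
        # Stage the MSI on the target, then install it silently.
        Copy-Item -Path $Msi -Destination 'C:\Windows\Temp\splunkforwarder.msi' -ToSession $session
        Invoke-Command -Session $session -ArgumentList $Receiver -ScriptBlock {
            param($Receiver)
            $msiArgs = @(
                '/i', 'C:\Windows\Temp\splunkforwarder.msi',
                'AGREETOLICENSE=Yes',               # accept the license non-interactively
                "RECEIVING_INDEXER=`"$Receiver`"",  # where the forwarder sends data
                'WINEVENTLOG_SEC_ENABLE=1',         # collect the Security event log
                '/quiet',
                '/L*v', 'C:\Windows\Temp\splunkforwarder-install.log'
            )
            $proc = Start-Process -FilePath msiexec.exe -ArgumentList $msiArgs -Wait -PassThru
            $svc  = Get-Service -Name SplunkForwarder -ErrorAction SilentlyContinue
            Remove-Item 'C:\Windows\Temp\splunkforwarder.msi' -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Host      = $env:COMPUTERNAME
                ExitCode  = $proc.ExitCode          # 0 = success, 3010 = reboot required
                Service   = if ($svc) { $svc.Status } else { 'NotInstalled' }
            }
        }
    }
    finally {
        Remove-PSSession $session
    }
}

# One row per machine; anything other than ExitCode 0 and Service Running needs a look.
$report | Format-Table Host, ExitCode, Service -AutoSize
```

On a host that reports a non-zero exit code, the verbose MSI log at `C:\Windows\Temp\splunkforwarder-install.log` shows which step failed.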