Getting Data In

What do I need to install on 8 Windows machines to send security logs to Splunk Light, and how can I handle the installation and configurations remotely?

dpohli
New Member

I am attempting to set up 8 Windows machines to send the security logs to the Splunk Light server.
1) What exactly do I need to install on each machine?
2) Is there a command line to do it either silently or as a remote push?
3) What is the best place to see the configuration of which ports are being used?

I have searched and found fragments, not any kind of step by step instructions.

Thanks for the help in advance.

0 Karma

bohanlon_splunk
Splunk Employee

1) What exactly do I need to install on each machine?
Install the Universal forwarder.
http://www.splunk.com/en_us/download/universal-forwarder.html

2) Is there a command line to do it either silently or as a remote push?
Docs are here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/Chooseyourplatform#Install_the_universa...

Also here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/DeployaWindowsdfviathecommandline
(check the "When to install from the command line?" section)

3) What is the best place to see the configuration of which ports are being used?
Read these docs: http://wiki.splunk.com/Where_do_I_configure_my_Splunk_settings%3F

Also this:
http://www.splunk.com/en_us/products/splunk-light/splunk-light-vs-splunk-enterprise.html

0 Karma
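A remote silent install of the Universal Forwarder with Security event log collection enabled, as an added example that is not part of the original thread and is not Splunk's own script. It assumes PowerShell 5.0+ with remoting (WinRM) enabled on the targets and an administrative account; the host names, file paths, indexer address and port 9997 are placeholders, and the MSI properties are the ones documented for the Windows command-line install.

```powershell
# Added example. Host names, paths, indexer address and port are placeholders.
$Computers = 1..8 | ForEach-Object { "WIN-HOST-0$_" }   # hypothetical host names
$Msi       = 'C:\Install\splunkforwarder.msi'           # installer downloaded from splunk.com
$Indexer   = 'splunk-light.example.local:9997'          # assumed receiver host:port; match your server's receiving port

foreach ($Computer in $Computers) {
    $Session = $null
    try {
        # Copy the MSI to the target first so msiexec reads a local file
        # (avoids the credential "double hop" to a network share).
        $Session = New-PSSession -ComputerName $Computer -ErrorAction Stop
        Copy-Item -Path $Msi -Destination 'C:\Windows\Temp\splunkforwarder.msi' `
                  -ToSession $Session -ErrorAction Stop

        $Result = Invoke-Command -Session $Session -ArgumentList $Indexer -ScriptBlock {
            param($Indexer)
            $MsiArgs = @(
                '/i', 'C:\Windows\Temp\splunkforwarder.msi',
                'AGREETOLICENSE=Yes',                 # accept the license non-interactively
                "RECEIVING_INDEXER=`"$Indexer`"",     # where the forwarder sends data
                'WINEVENTLOG_SEC_ENABLE=1',           # collect the Security event log
                '/quiet',
                '/L*v', 'C:\Windows\Temp\splunkforwarder-install.log'
            )
            $Proc = Start-Process -FilePath 'msiexec.exe' -ArgumentList $MsiArgs -Wait -PassThru
            Remove-Item 'C:\Windows\Temp\splunkforwarder.msi' -ErrorAction SilentlyContinue
            [pscustomobject]@{
                ExitCode = $Proc.ExitCode             # 0 = success, 3010 = success, reboot required
                Service  = (Get-Service -Name 'SplunkForwarder' -ErrorAction SilentlyContinue).Status
            }
        }
        '{0}: msiexec exit code {1}, SplunkForwarder service {2}' -f $Computer, $Result.ExitCode, $Result.Service
    }
    catch {
        Write-Warning "$Computer failed: $($_.Exception.Message)"
    }
    finally {
        if ($Session) { Remove-PSSession $Session }
    }
}
```

The Splunk Light server must have receiving enabled on the same port used in `$Indexer`, and that port must be allowed through any firewall between the machines.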