- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The instruction of my project is: All local event logs must be duplicated to Splunk for events aggregation. In addition, I must aggregate events from one Centos 7 Virtual Machine to another Centos 7 virtual machine. I'm just new to Splunk and I don't quite understand what it means or how to even do it.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am not quite sure what you want since the data provided are very limited.
But it seems like you want your data of one Splunk instance to be copied to another Splunk instance.
This can be done by indexer clustering.
Check out the below link it might help you out.
https://docs.splunk.com/Documentation/Splunk/7.3.0/Indexer/Basicclusterarchitecture
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am not quite sure what you want since the data provided are very limited.
But it seems like you want your data of one Splunk instance to be copied to another Splunk instance.
This can be done by indexer clustering.
Check out the below link it might help you out.
https://docs.splunk.com/Documentation/Splunk/7.3.0/Indexer/Basicclusterarchitecture
