Solved: Re: Why is Splunk enterprise unable to read logs f...

partix2 · ‎03-14-2019

How can i read logs from specific directories from one of the AWS windows instance(let's call is Instance1) to other AWS windows instance(Instance2) on which my splunk enterprise is installed? Do i need to do some changes in my inputs.conf? If yes what all stuffs i need to add in it ? Can you please explain with an example ?

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

View solution in original post

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

Why is Splunk enterprise unable to read logs from specific directories?

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Feel the Splunk Love: Real Stories from Real Customers

Data Management Digest – November 2025

Are you a member of the Splunk Community?

Why is Splunk enterprise unable to read logs from specific directories?

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Feel the Splunk Love: Real Stories from Real Customers

Data Management Digest – November 2025