Solved: Re: Why is Splunk enterprise unable to read logs f...

partix2 · ‎03-14-2019

How can i read logs from specific directories from one of the AWS windows instance(let's call is Instance1) to other AWS windows instance(Instance2) on which my splunk enterprise is installed? Do i need to do some changes in my inputs.conf? If yes what all stuffs i need to add in it ? Can you please explain with an example ?

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

View solution in original post

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

Why is Splunk enterprise unable to read logs from specific directories?

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events

Data Management Digest – December 2025

Join the Conversation

Why is Splunk enterprise unable to read logs from specific directories?

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events

Data Management Digest – December 2025