Solved: Why is Splunk enterprise unable to read logs from ...

partix2 · ‎03-14-2019

How can i read logs from specific directories from one of the AWS windows instance(let's call is Instance1) to other AWS windows instance(Instance2) on which my splunk enterprise is installed? Do i need to do some changes in my inputs.conf? If yes what all stuffs i need to add in it ? Can you please explain with an example ?

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

View solution in original post

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

Why is Splunk enterprise unable to read logs from specific directories?

SOC4Kafka - New Kafka Connector Powered by OpenTelemetry

Your Voice Matters! Help Us Shape the New Splunk Lantern Experience

Building Momentum: Splunk Developer Program at .conf25

Are you a member of the Splunk Community?

Why is Splunk enterprise unable to read logs from specific directories?

SOC4Kafka - New Kafka Connector Powered by OpenTelemetry

Your Voice Matters! Help Us Shape the New Splunk Lantern Experience

Building Momentum: Splunk Developer Program at .conf25