Solved: Why is Splunk enterprise unable to read logs from ...

partix2 · ‎03-14-2019

How can i read logs from specific directories from one of the AWS windows instance(let's call is Instance1) to other AWS windows instance(Instance2) on which my splunk enterprise is installed? Do i need to do some changes in my inputs.conf? If yes what all stuffs i need to add in it ? Can you please explain with an example ?

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

View solution in original post

nickhills · ‎03-14-2019

Have a look here: https://docs.splunk.com/Documentation/Splunk/7.2.4/Data/Getstartedwithgettingdatain

At a high level:
1.) Install Splunk Universal Forwarder on instance1
2.) Configure inputs.conf on instance1
3.) Configure outputs.conf on instance1
4.) Configure inputs.conf on instance2

If my comment helps, please give it a thumbs up!

Why is Splunk enterprise unable to read logs from specific directories?

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms