Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Will my outputs.conf edits work to send both compressed and uncompressed outputs from universal forwarder?

dahlberg
New Member
‎05-24-2017 10:48 AM

I have a Universal Forwarder (UF) that I'd like to send out both compressed and uncompressed data streams to a single indexer. Would this outputs.conf work:

[tcpout]
defaultGroup = index_cluster, index_cluster2

[tcpout:index_cluster]
autoLBFrequency=60
autoLB=true
useACK=true
compressed=true
server=indexer:9996

[tcpout:index_cluster2]
compressed=false
server=indexer:9997

Also, how would I specify which files/data streams should go out to targetGroup index_cluster and which ones should go out to index_cluster2?

Thanks,
Mike

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jkat54
SplunkTrust
SplunkTrust
‎05-24-2017 11:28 AM

Yes, they will work this way.

This is saying by default, send to both.

If you want to specify a target specific to an input use _TCP_ROUTING=name of tcpout on you inputs.conf stanza(s)

For example

[monitor::/var/log/logfile]
...
_TCP_ROUTING=index_cluster2

View solution in original post

Reply
Solved! Jump to solution
Solution

jkat54
SplunkTrust
SplunkTrust
‎05-24-2017 11:28 AM

Yes, they will work this way.

This is saying by default, send to both.

If you want to specify a target specific to an input use _TCP_ROUTING=name of tcpout on you inputs.conf stanza(s)

For example

[monitor::/var/log/logfile]
...
_TCP_ROUTING=index_cluster2

Reply
Get Updates on the Splunk Community!

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

Splunk initially announced the removal of Python 2 during the release of Splunk Enterprise 8.0.0, aiming to ...

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

co-authored by Yiyun Zhu & Dan Hosaka Engaging with the Community at .conf24 At .conf24, we revitalized the ...

Detect and Resolve Issues in a Kubernetes Environment

We’ve gone through common problems one can encounter in a Kubernetes environment, their impacts, and the ...