Getting Data In

howto? selfmade script output on windows send to linux indexer

jan_wohlers
Path Finder

Dear Splunkers,

I'm running my indexer on a redhat machine. On a Windows machine in our environment I'm going to run daily scripts. For testing purposes splunk was also installed on that windowsmachine. How can I forward the output of the selfmade scipts to my indexer?

Sounds like I have no idea splunk works 🐵 and... yes... sometimes thats right! 🙂

Thanks for help!

/Jan

Tags (1)
0 Karma

Ayn
Legend

You need a scripted input. With this, Splunk executes the script you specify (it can be any kind of script as long as the system supports running it), and reads/indexes the output the script produces. This docs section has more info: http://docs.splunk.com/Documentation/Splunk/5.0/AdvancedDev/ScriptedInputsIntro

0 Karma

Ayn
Legend

The forwarder will forward the events it receives to the indexer, so the output from your script that is executed on Server_1 will end up on your indexer just like any other logs.

0 Karma

jan_wohlers
Path Finder

The Problem is that I need to run these scripts on Server_1. On Server_1the forwarder is installed. Now I try to forward the output of the script from Server_1 to my indexer (Server_Index). I can't figure out how this will work?

The link above is as far as i can see for scripts running ob the same server where the indexer is installed.

Anyone a idea?

0 Karma

jan_wohlers
Path Finder

nobody a clue?

That shouldnt be too hard. but I also did not find a way... 😞

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!