Re: howto? selfmade script output on windows send ...

jan_wohlers · ‎06-21-2012

Dear Splunkers,

I'm running my indexer on a redhat machine. On a Windows machine in our environment I'm going to run daily scripts. For testing purposes splunk was also installed on that windowsmachine. How can I forward the output of the selfmade scipts to my indexer?

Sounds like I have no idea splunk works 🐵 and... yes... sometimes thats right! 🙂

Thanks for help!

/Jan

Ayn · ‎06-27-2012

You need a scripted input. With this, Splunk executes the script you specify (it can be any kind of script as long as the system supports running it), and reads/indexes the output the script produces. This docs section has more info: http://docs.splunk.com/Documentation/Splunk/5.0/AdvancedDev/ScriptedInputsIntro

Ayn · ‎06-27-2012

The forwarder will forward the events it receives to the indexer, so the output from your script that is executed on Server_1 will end up on your indexer just like any other logs.

jan_wohlers · ‎06-27-2012

The Problem is that I need to run these scripts on Server_1. On Server_1the forwarder is installed. Now I try to forward the output of the script from Server_1 to my indexer (Server_Index). I can't figure out how this will work?

The link above is as far as i can see for scripts running ob the same server where the indexer is installed.

Anyone a idea?

jan_wohlers · ‎06-27-2012

nobody a clue?

That shouldnt be too hard. but I also did not find a way... 😞

howto? selfmade script output on windows send to linux indexer

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!