Current application just writes the logs to local log file. What is the quick way to integrate Splunk so that logs get written to Splunk as well?
Hi kspoton,
Best practice is to install an universal forwarder on the source, set it up to monitor the source directory and forward the events to the Splunk indexer.
See the docs for more details http://docs.splunk.com/Documentation/Splunk/6.2.1/Forwarding/Introducingtheuniversalforwarder
cheers, MuS