Using Ubuntu, is it possible for Splunk to read from a firewall that's set up and output results in real time or in a log, without using any Splunk apps and just using the command line?
If it is possible, any direction on how I could go about it?
Thanks.
Hi Mahmudomer,
You can monitor any local / remote directory from the command line by running the command with the required parameter.
Local,
./splunk add monitor <log path>
In case the files are remote, you can use TCP/UDP. Read the Splunk documentation link.
Mounting a filesystem / soft link may help you.
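
The two input types named in the answer (a local file monitor and a TCP/UDP listener), as an added example that is not part of the original thread: a small script that validates a source and builds the matching Splunk CLI call. The install path `/opt/splunk`, the UFW log path `/var/log/ufw.log`, port 1514, the `syslog` sourcetype and the index name `firewall` are assumptions.

```shell
#!/bin/sh
# Added example: builds the Splunk CLI call for one firewall log source.
# Assumptions (not from the thread): Splunk is installed in /opt/splunk and
# events go to an existing index named "firewall" with sourcetype "syslog".
SPLUNK="${SPLUNK_HOME:-/opt/splunk}/bin/splunk"
INDEX="${INDEX:-firewall}"

# Print the command for a source: an absolute path means a local file or
# directory monitor; udp:PORT or tcp:PORT means a network (syslog) listener.
splunk_input_cmd() {
    src=$1
    case "$src" in
        *[[:space:]]*)
            echo "whitespace in source not supported: $src" >&2; return 1 ;;
        udp:*|tcp:*)
            proto=${src%%:*}
            port=${src#*:}
            # Reject anything that is not a valid port number.
            case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
            if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
                echo "port out of range: $port" >&2; return 1
            fi
            echo "$SPLUNK add $proto $port -sourcetype syslog -index $INDEX" ;;
        /*)
            echo "$SPLUNK add monitor $src -sourcetype syslog -index $INDEX" ;;
        *)
            echo "unsupported source: $src" >&2; return 1 ;;
    esac
}

# With arguments, run each generated command (set DRY_RUN=1 to only print),
# e.g.: DRY_RUN=1 sh add_fw_inputs.sh /var/log/ufw.log udp:1514
for s in "$@"; do
    cmd=$(splunk_input_cmd "$s") || exit 1
    echo "+ $cmd"
    [ -n "${DRY_RUN:-}" ] || $cmd || exit 1
done
```

Create the index first with `./splunk add index firewall`; once the inputs are added, `./splunk rtsearch 'index=firewall'` streams matching events to the terminal in real time.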