Security

collect Remote event log on my Windows splunk server

dineshahlawat
New Member

Hello Team,
I am new to splunk,
I need to collect Remote event Log on my Windows splunk server.
So Under my splunk GUI
Manager » Data inputs » Event log collections » My_server_logs
It Gives Me error :


Failed to fetch data: In handler 'win-wmi-enum-eventlogs': Unable to get wmi classes from host '10.151.57.199'. This host may not be reachable or WMI may be misconfigured.

Now the log i am fetching is a Unix Machine so do i need to configure the win-wmi on unix or there is any other tool i need to configure for this.
please share the sequence of steps to configure this.

0 Karma
1 Solution

Ayn
Legend

You can't do WMI polling on non-Windows systems, because it uses native Windows libraries.

View solution in original post

Ayn
Legend

You can't do WMI polling on non-Windows systems, because it uses native Windows libraries.

Ayn
Legend
0 Karma

dineshahlawat
New Member

Thanks Ayn, For clearing this doubt. Can you please share the steps to configure the Universal Forwarder (ON UNIX) to forward the log file to Splunk.

0 Karma

Ayn
Legend

Oh so you mean the other way around? You're running Splunk on Windows but have remote logs on a Unix box? In that case you can't use WMI at all, it's Windows only. For getting events from your remote Unix box, you should install a Universal Forwarder on it and have it send the events back to your indexer. Or configure it to send syslog.

0 Karma

dineshahlawat
New Member

OK so what can i do to access the unix logs.
please share any reference to configure.

0 Karma
Get Updates on the Splunk Community!

Splunk is Nurturing Tomorrow’s Cybersecurity Leaders Today

Meet Carol Wright. She leads the Splunk Academic Alliance program at Splunk. The Splunk Academic Alliance ...

Part 2: A Guide to Maximizing Splunk IT Service Intelligence

Welcome to the second segment of our guide. In Part 1, we covered the essentials of getting started with ITSI ...

Part 1: A Guide to Maximizing Splunk IT Service Intelligence

As modern IT environments continue to grow in complexity and speed, the ability to efficiently manage and ...