Splunk Enterprise

How to store log to Splunk Enterprise Server with Forwarded inputs (File & Directories)

mindterrian
New Member

Hi

I see Forwarded inputs type File & Directories is monitor only not collect log to Splunk Enterprise.
How to store log with Forwarded inputs type File & Directories.

Thank you

Tags (1)
0 Karma

dkeck
Influencer

You are asking basic questions, you should start with splunk education this will give you an overview

please have a look at following links

Free Splunk Fundamentals 1 https://www.splunk.com/en_us/training/free-courses/splunk-fundamentals-1.html
Free Splnk Educational videos https://www.splunk.com/en_us/training/videos/all-videos.html
Learn how to use Splunk https://www.splunk.com/en_us/view/SP-CAAAG2R
Splunk Architecture Overview (e-learning) https://www.splunk.com/view/SP-CAAAHSJ
Download Splunk Enterprise for free and start exploring it https://www.splunk.com/en_us/download.html
Free trials and download https://www.splunk.com/en_us/download.html

0 Karma

vishaltaneja070
Motivator

Forwarded inputs means data coming from Universal forwarder or Heavy Forwarder to Indexer.

if it so, then we can save data on that machine only i.e Indexer.

0 Karma

mindterrian
New Member

How to store raw log from Universal Forwarder to Splunk Enterprise?

0 Karma

mindterrian
New Member

What file store that log?

0 Karma

dkeck
Influencer

Indexes in Splunk are stored in $SPLUNK_HOME/splunk/var/lib/splunk

You should have a look at this:

https://docs.splunk.com/Documentation/Splunk/7.2.3/Indexer/HowSplunkstoresindexes

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...