Hi Splunkers,
for our customer we collect log from Windows systems. The main configuration details are:
Logs go from DCs to a dedicated HF and then to Splunk Cloud, so the flow is: DCs -> H...
Trying to collect specific GPO event codes so we've created an app on the universal forwarder with the below in the inputs.conf file:
[WinEventLog://Application]
disabled = 0
current_only = 1
e...
Hello,
I am trying to collect data from a Hirschmann MACH102 switch in Splunk, using UDP port 514.
My computer (host) is 192.160.0.20, Switch IP is 192.160.0.10. I can ping my switch via PC....
Hello,
Have anyone managed to collect windows logs other than the usual Application,System,Security,Setup ?
I am being asked if we can collect Microsoft-Windows-F...
I have an issue with IIS logs, being monitored by a Windows heavy forwarder through UNC path. When the forwarder service starts, the IIS logs start to collect, the logs are being indexed correctly. A...
I'm trying to configure splunk to collect system and security logs via WMI from workstations. I don't know who is at work and who is away, and its a fairly large estate (512 ip addresses) of which m...
I have a forwarder on an IIS web server and I want to get some info on the Active Request and Request per sec.
So I am able to get some data back with this in my inputs.conf
[perfmon://W3SVC...
I want to create an app with forwarder and index configurations and push these configs to collect data from a particular location regularly.
Any videos or materials to help me do this? I need s...
Yes, this question has been asked a hundred times. I have looked at all of the examples, but my grasp of the different conf files and their interactions is lacking.
First:
I have a Windows devi...