Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
10,000 results
Sort by:
05-03-2024
05:56 AM
...or a specific path. Baiscally I created a server class for the inputs.conf deployment, adding this: ###### OS Logs ###### [WinEventLog://Security] disabled = 0 index&n...
Labels
08-22-2024
02:34 PM
I want to block the audit.log file from a particular instance sending logs to splunk, is the stanza sufficient to accomplish that? Per matching a file: blacklist = <regular expression>
*...
Labels
- Labels:
-
inputs.conf
-
syslog
-
universal forwarder
03-07-2024
11:57 PM
Hi there. A simple question, it's not for a real usage, just a curiosity 😊 Does UF block inputs for system paths by default? An example, teorically an inputs like this [monitor:///...]
w...
Labels
- Labels:
-
universal forwarder
07-25-2024
05:43 AM
Hey all I am taking input over TCP by having this in my inputs.conf [tcp://1.2.3.4:123]
connection_host = ip
index = index1
sourcetype = access_combined My question is, can I h...
Labels
- Labels:
-
heavy forwarder
-
inputs.conf
09-19-2023
08:29 AM
Hi I have a basic questions about the inputs.conf file In our apps, we have a inputs.conf file under etc/apps/test/inputs.conf what is normal But what is the difference between etc/system/l...
- Tags:
- other
01-02-2024
12:21 PM
...hat it is only running on about 30 devices. Here is the current section in inputs.conf : [WinEventLog://Security] disabled = 0 evt_resolve_ad_obj = 1 checkpointInterval = 5 b...
Labels
- Labels:
-
blacklist
-
data
-
inputs.conf
-
universal forwarder
03-27-2024
01:01 PM
I want to add C:\windows\system32\winevt\logs\Microsoft-Windows-DriverFrameworks-UserMode/Operational as a stanza in my inputs.conf. How do I write the stanza? Thank you
Labels
- Labels:
-
configuration
05-25-2021
09:07 PM
I have a host that I am receiving logs into my heavy forwarder and that works fine. I now have a new log source on the same host and the entry in my inputs.conf is not passing the data I need t...
Labels
- Labels:
-
inputs.conf
12-12-2024
08:59 AM
...roperties; we don’t have ssl options in inputs.conf just wondered if there was any other locations to check on the universal forwarder as it works fine for other servers.
Labels
- Labels:
-
inputs.conf
-
universal forwarder
12-03-2020
10:07 AM
...hey talk about modifying the file "props.conf" and "transforms.conf" what is the difference between doing it from inputs.conf and the other way? inputs.log [monitor:///folder/folder/folder/i...
Labels
