Hi, I am also having same problem as Michael. Splunk installed on Linux host taking in syslog no problem. Two UF installed on two Windows2012R2 hosts, not sending windows event logs despite selecting them during UF install. Any ideas? Thanks,Hi, having exact same problem as Michael. I am new to Splunk and am reading as much as I can but would appreciate a point in the right direction to sort this out. I have Splunk Enterprise installed on a Linux host and working correctly taking in syslog. I have two universal forwarders installed on Windows 2012R2 hosts, one has IIS on and is sending the logs to the indexer correctly. Just no Windows Event Logs 😞
Chris
... View more