Activity Feed
- Posted Re: Can Heavy Forwarder monitor a Folder and forwards to Splunk indexer ? on Getting Data In. 02-05-2024 05:51 AM
- Posted Collecting Windows Events as Both XML and Standard on Reporting. 05-18-2021 07:28 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 |
02-05-2024
05:51 AM
There are situations where an HF needs to forward log and security data located on itself and running an HF and SUF on the same host runs into problems.
... View more
05-18-2021
07:28 AM
Is it possible to collect the same Windows event as both the standard type and as XML (ie setting the renderXml flag to true in inputs.conf) using the universal forwarder? I have tried two inputs.conf entries for the same event, each sending to a different source type on the same index, but I only receive one set of the events and its always xml formatted if the xml flag is set. I suspect that the answer is no or the solution is overly complicated, but I figured I should ask anyway. One of my events only has certain information in the XML format and I was looking to avoid having to re-write a lot of existing code to use the XML formatting where it was previously unnecessary. .
... View more
