Hey there Splunk gurus. I'm very new to Splunk and hoping for a little guidance.
I have Splunk Enterprise with the perpetual free license installed on a CentOS 7 VM on my home network. The VM is configured with a static IP. I'm wondering if anyone can point me to a checklist or document that will outline the steps necessary to be able to get Windows event log data from my desktops into Splunk. One of my desktops is running Win 7 Ultimate, and the other is running Win 7 Pro. My home network is not a domain environment.
I'd also like to be able to get the syslog data from my dd-wrt router and my tomato access point into splunk, but I seem to be overlooking one or more configuration options in the Home Monitor App. Of course, that's a challenge for another day... 😉
I've seen articles regarding the Universal Forwarder, the Splunk Add-on for Windows, and the Send to Indexer app. Are all of these required, or am I falling into the rabbit hole?
I'd like to be able to start playing around with Splunk so I can become familiar with some of the basis ins & outs. I'd be supremely appreciative of any assistance or guidance that anyone can provide.
... View more