Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About sid1987
sid1987
New Member
Member since:
04-08-2020
06-05-2020
Community Statistics
| Posts | 5 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 04-08-2020 |
Activity Feed
- Posted Re: splunk universal forwarder not monitoring all files in a folder on Getting Data In. 04-13-2020 04:54 PM
- Posted Re: splunk universal forwarder not monitoring all files in a folder on Getting Data In. 04-13-2020 04:03 AM
- Posted splunk universal forwarder not monitoring all files in a folder on Getting Data In. 04-13-2020 03:35 AM
- Tagged splunk universal forwarder not monitoring all files in a folder on Getting Data In. 04-13-2020 03:35 AM
- Tagged splunk universal forwarder not monitoring all files in a folder on Getting Data In. 04-13-2020 03:35 AM
- Posted Re: AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 08:27 AM
- Posted AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 07:55 AM
- Tagged AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 07:55 AM
- Tagged AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 07:55 AM
- Tagged AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 07:55 AM
- Tagged AWS logs push to on-premise splunk with universal forwarder on Getting Data In. 04-08-2020 07:55 AM
Topics I've Started
04-13-2020
04:54 PM
strangely nothing again.
/opt/splunkforwarder/bin/splunk cmd btool inputs list --debug | grep forwarder | grep -v splunkforwarder
... View more
04-13-2020
04:03 AM
strange part is the server which is working fine has no monitor parameter set in any of the inputs.conf
/opt/splunkforwarder/bin/splunk list monitor
Monitored Directories:
$SPLUNK_HOME/var/log/splunk
/opt/splunkforwarder/var/log/splunk/audit.log
/opt/splunkforwarder/var/log/splunk/first_install.log
/opt/splunkforwarder/var/log/splunk/splunkd_access.log
$SPLUNK_HOME/var/log/splunk/license_usage_summary.log
$SPLUNK_HOME/var/log/splunk/metrics.log
/opt/splunkforwarder/var/log/splunk/metrics.log
$SPLUNK_HOME/var/log/splunk/splunk_instrumentation_cloud.log*
$SPLUNK_HOME/var/log/splunk/splunkd.log
/opt/splunkforwarder/var/log/splunk/splunkd.log
$SPLUNK_HOME/var/log/watchdog/watchdog.log*
/var/log/forwarder-logs
/var/log/forwarder-logs/LogA
/var/log/forwarder-logs/LogB
/var/log/forwarder-logs/LogC
/var/log/forwarder-logs/LogD
/var/log/forwarder-logs/LogE
/var/log/forwarder-logs/LogF
/var/log/forwarder-logs/LogG
/var/log/forwarder-logs/LogH
/var/log/forwarder-logs/LogI
/var/log/forwarder-logs/LogJ
Monitored Files:
$SPLUNK_HOME/etc/splunk.version
$SPLUNK_HOME/var/run/splunk/search_telemetry/*search_telemetry.json
$SPLUNK_HOME/var/spool/splunk/...stash_new
grep -r "/var/log/forwarder-logs" /opt/splunkforwarder/etc/
Above command returns nothing.
... View more
04-13-2020
03:35 AM
Same version of splunk forwarder (8.0.2) on 2 linux servers are behaving differently.
One lists all files under a folder to monitor. However other one shows only few of them. What's the issue.
... View more
04-08-2020
08:27 AM
Thanks @richgalloway for the prompt response. I have been through both the links earlier. We won’t be using lambda for now. For the other one aws cloud watch config is the part of universal forwarder? What should be the input and output.conf files? Also how do I add source in splunk server? Is it the way it is in lambda method blog?
... View more
04-08-2020
07:55 AM
Hi Everyone,
I am new to splunk configuration. So looking for guidance and step by step configuration.
I need to configure primarily aws CloudWatch log groups (ec2 instances /var/log/messages and tomcat logs, vpc logs) and cloud trails to an on-premise splunk server.
I am looking for a solution where I am planing to create a server as universal forwarder which collects all these logs and pushes to the splunk server (port 9997).
Can a universal forwarder collects all the logs mentioned above and send it to splunk, that’s first step.
I am assuming I might have to get aws add on installed on splunk server. How do I configure log stream in splunk with or without aws add on. I would step by step guide as I am new go splunk.
Thanks in advance.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:03 AM
|
