×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jyo
New Member
Member since: ‎04-24-2013
‎06-05-2020
Community Statistics
Posts 6
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎04-24-2013
Activity Feed
Topics I've Started
View All

Re: splunk for windows

by in All Apps and Add-ons
‎03-06-2014 10:18 PM
‎03-06-2014 10:18 PM
I have turned off the firewall of windows and linux machines.Still no success. Also i have installed the universal forwarder on Windows machine and have given the indexing ip of the windows and port as 9997. Can u inform are any changes required in the conf files of universal forwarder.??and what more to do to receive the logs on linux machine Thanks ... View more

Re: splunk for windows

by in All Apps and Add-ons
‎03-06-2014 10:18 PM
‎03-06-2014 10:18 PM
I have turned off the firewall of windows and linux machines.Still no success. Also i have installed the universal forwarder on Windows machine and have given the indexing ip of the windows and port as 9997. Can u inform are any changes required in the conf files of universal forwarder. Thanks ... View more

Re: splunk for windows

by in All Apps and Add-ons
‎03-06-2014 10:17 PM
‎03-06-2014 10:17 PM
I have modified outputs.conf as below: [syslog] defaultGroup=mysyslog disabled = false [syslog:mysyslog] server=10.211.210.140:514 # the IP of the Linux machine type=udp I have turned off the firewall of windows and linux machines.Still no success. Also i have installed the universal forwarder on Windows machine and have given the indexing ip of the windows and port as 9997. Can u inform are any changes required in the conf files of universal forwarder. Thanks ... View more

Re: splunk for windows

by in All Apps and Add-ons
‎03-06-2014 10:16 PM
‎03-06-2014 10:16 PM
I have modified outputs.conf as below: [syslog] defaultGroup=mysyslog disabled = false [syslog:mysyslog] server=10.211.210.140:514 # the IP of the Linux machine type=udp I have turned off the firewall of windows and linux machines.Still no success. Also i have installed the universal forwarder on Windows machine and have given the indexing ip of the windows and port as 9997. Can u inform are any changes required in the conf files of universal forwarder. Thanks ... View more

Re: splunk for windows

by in All Apps and Add-ons
‎03-05-2014 11:25 PM
‎03-05-2014 11:25 PM
Hi Mus, Thanks for the above post!! I have read the docs of forwarding the data to third party.Below is my current scenario: I have modified the conf files in \etc\System\local 1.inputs.conf: [default] host = WIN-ICJS9A8T038 [WinEventLog:Security] disabled = 0 start-from = oldest current-only=0 evt-dc-name = evt-dns-name = evt-resolve-ad-obj = 0 checkpointinterval = 5 [WinEventLog:System] disabled = 0 start-from = oldest current-only=0 evt-dc-name = evt-dns-name = evt-resolve-ad-obj = 0 checkpointinterval = 5 2.outputs.conf: [syslog] defaultGroup=mysyslog disabled = false [syslog:mysysloggroup] server=10.210.155.131:514 # the IP of the Linux machine type=udp 3.props.conf [WinEventLog:security] TRANSFORMS-routing = sendtosyslog [Perfmon:Network Interface] TRANSFORMS-routing = sendtosyslog [syslog] TRANSFORMS-routing = sendtosyslog But i am unable to recieve the logs on linux machine.Cau you plz help to resolve the issue. Thanks. ... View more

splunk for windows

by in All Apps and Add-ons
‎03-05-2014 02:12 AM
‎03-05-2014 02:12 AM
Hi, I have splunk 6.0.2 installed with Splunk app for Windows 5.0.2.I can see the windows events in the windows app.I want to forward the logs to syslog server on port 514.Can anyone please inform the steps to follow the same.Thanks. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM