How to configure Splunk Light for receiving data f...

andig2 · ‎10-26-2015

I have Splunk Light on Windows and the Universal Forwarder on Raspberry. According to docs, I need to create a server class for receiving data. The admin UI does not give me an option to do so.

How do I configure SL to receive data from a UF?

andrewb_splunk · ‎04-11-2016

For more details on the process that @jterry refers to, see the topics in the Getting Data In chapter of the Splunk Light User Guide. A good starting topic is http://docs.splunk.com/Documentation/SplunkLight/6.4.0/GettingStarted/Aboutaddingdata

jterry · ‎04-04-2016

The distinction between a forwarder & a deployment client is blurred in SL. For forwarding all you need to do is open/listen to a port on the server & tell the forwarder to send data there. (splunk add forward-server ...). In the latest release, it's recommended that all forwarders also be deployment clients (splunk set deploy-poll ...). This ties into the server class concept where forwarders (configured as deployment clients) can be managed in groups.

How to configure Splunk Light for receiving data from a Universal Forwarder?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation