Re: Logs from remote host

andrey2007 · ‎10-25-2011

I have access to shared folder in my network. I want to get logs for Splunk from this folder. How can i make it? May i add this folder in Manager » Data inputs » Files & directories or i need forwarder.

treinke · ‎10-25-2011

If it is Windows to Windows, I believe you can use UNC paths. In the manager, go to Data inputs, Files & directories, New. In the "Full path to your data", enter the full path to the files/folder.

\\machine.domain.com\path\to\your\files\

*sorry, all my Splunk servers are Linux

There are no answer without questions

gkanapathy · ‎10-25-2011

correct, the Splunk service would have to run as a network/domain user with access to the UNC path. Otherwise, you would run a local forwarder on the source machine.

mikelanghorst · ‎10-25-2011

I'm in the same boat, use very little windows so far. Splunk would need to run as a Domain user, not Local System for this to work.

andrey2007 · ‎10-25-2011

Windows machines, i use login and pasword for access to shared folder

treinke · ‎10-25-2011

Are these Windows or *nix machines?

There are no answer without questions

Logs from remote host

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!