Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

SMB server logs not coming in into splunk

sharada
Loves-to-Learn Everything
‎11-09-2021 08:17 AM

Hi All,

We have configures below stanza on SMB server(UF) and splunk forwarder to collect SMB logs,

[WinEventLog://Microsoft-Windows-SMBServer/Audit]
disabled = 0
start_from = oldest
current_only = 0
index = wineventlog

Can you please let us know if the above stanza worked for anyone to collect the logs or  share any working stanza is appreciated.

TIA

Sharada

Labels (3)
0 Karma
Reply
Get Updates on the Splunk Community!

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...

IM Landing Page Filter - Now Available

We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud

Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...