Splunk
by 1s440 from LinuxQuestions.org on (#4Q0RP)
Hi all,
I am trying to set up Splunk to monitor all the remote hosts on a Splunk server. I have set up the Splunk server without any issues. I have installed the Universal Forwarder on the remote host and provided inputs.conf and outputs.conf as below. But somehow these logs are not getting routed to the Splunk server. I am stuck here; though I changed some configuration according to the Splunk documentation, I have not got the output. Can anyone advise me?
Code: inputs.conf
[default]
[monitor:///var/log/messages]
disabled = 0
source type = messages_log
index = system_log

Code: outputs.conf
[tcpout:default-autolb-group]
disabled = false
server = 192.189.11.34:9997

