Hello
I done a data entry in splunk for the log event below :
[WinEventLog://Microsoft-Windows-PowerCfg/Diagnostic]
checkpointInterval = 5
current_only = 0
disabled = 0
index = windows
start_from = oldest
But when i m doing a search on this sourcetype i have no events
I think its because these event logs doesnt exists in event viewer?
if its the case is anybody knows how to create it?
thanks
↧