Hello
I have done a data entry in Splunk for the log event below :
[WinEventLog://Microsoft-Windows-PowerCfg/Diagnostic]
checkpointInterval = 5
current_only = 0
disabled = 0
index = windows
start_from = oldest
But when I'm doing a search on this sourcetype, i have no events
I think its because these event logs don't exist in the event viewer?
if its the case is anybody knows how to create it?
thanks
↧