HI, I have a Win10 64bit environment with Splunk Enterprise instance and UF instance.
I tried to send data using the File Metadata app to send data from UF (local) to Splunk Ent (local) to test the app with forwarder.
I copied the decompressed folder into SplunkUniversalForwarder/etc/apps and set output and input. I restarted the service but i didn't received data on the main index.
The input.conf configuration file look like this:
#input.conf
[file_meta_data://Test]
depth_limit=0
file_hash_limit=500MB
file_path=C:\mypath\DaMonitorare
include_file_hash=0
index=main
interval=2m
only_if_changed=0
recurse=1
disabled=0
The UF works fine using a simple folder monitoring configuration like
[monitor://C:\mypath\tosplunk]
disabled = false
index = main
I have Python 2.7.1 installed on my machine (and also python 3).
Can you help me?
Do you have a guide to install and configure on UF on Windows environment step by step or some suggestions?
Thank you
Giorgio
↧