Hi ,
Below is custom event logs which I am configuring on windows forwarder but they are not showing up in Splunk. We can see events coming from default events like system,security etc. Below is syntax I am using
[WinEventLog://Citirix Delivery Services]
disabled = 0
start_from = oldest
current_only = 1
checkpointInterval = 5
index = wineventlog
![alt text][1]
[1]: /storage/temp/162188-picture1.png
Attached screenshot shows location of event logs
↧