Hello All!
When I create Windows Event Logs Input manually (via the GUI), I specify a Server Class , Event Logs and the Index.
How do I create it via the SDK?
I guess I need to specify:
"splunktcp" : 9997
"win-event-log-collections" : ['System', 'Application', 'Security']
But I don't see how to specify the index and the Windows server that runs a forwarder.
Thanks
↧