Hi,
I've got many windows servers to monitor.
I would like to gathering the data from a remote server.
In the manual, I read that the account for the SPLUNK services must be a domain user for gathering data from a remote machines.
But, domain user cannot access the logs or performance data from servers.
Is this "splunk" domain user must be a domain admin or must be added to every server as a local adminstrator (administrators group)?
BR,
Tom
In my experience, the user needs to be a local admin on the box. It is true that the user should be a domain user but it needs more permissions than that on the local box to get the information that you are looking for.