Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to configure windows event (example login access) to send to splunk?

StefanoLodola
New Member
‎01-15-2015 11:09 PM

Hi,
I'm using splunk recently.
How can I configure "windows events" (example login access) to send them to splunk? I need a Universal forwarder? On splunk, which configuration should I do?
thanks in advance
Stefano

0 Karma
Reply

StefanoLodola
New Member
‎01-16-2015 03:02 AM

I have configured the Universal Forwarder, but I any case the data that the server splunk collect from the server are too old. ??!!?
When I try to set the remote event log on splunk, I have always the same error "in handler 'win-wmi-enum-eventlogs' unable to get wmi classes from host"

Can u help me?

0 Karma
Reply

ddessy_splunk
Splunk Employee
Splunk Employee
‎01-15-2015 11:43 PM

Hi Stefano,

you have various possibilities depending on your security requirements and network infrastructure : using a Windows local forwarder, WMI, ...
See http://docs.splunk.com/Documentation/Splunk/latest/Data/MonitorWindowsdata
/dd

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...