Hi,
I want to get all system logs, like CPU, Disk, Memory and other system logs, from machine where my Splunk forwarder installed on a Linux machine.
Right now, I can only see CPU/DISK/Machine log from Splunk host machine, not from all my clients.
Can you help me? What do I have to set up?
Thanks
You can install Splunk TA for Linux app on your forwarders (I believe you've this app installed on your Splunk servers already).
Are you running the Splunk for Unix app?
Yes into Linux box.
I have input files like this :
[monitor:///apps/eqpricer/logs]
whitelist = stdout.log$|server.log$
index = myapp_pricer
sourcetype = myapp_log