Solved: Getting logs in splunk using log location address

accuser123 · ‎07-01-2016

Hi! I am a new to Splunk. I have an application on a linux server that produces logs in log4j format. I want to receive analysethese logs.

I have installed Splunk Web on Windows . But I want to receive continuous log data from server without using forwarder. So is there any way by which I can get the log by just using the path of the location where logs are getting generated. if it can be done please tell how I can do that.

Thanks in Advance
-Rohit

richgalloway · ‎07-01-2016

Splunk and your data are on two different platforms. That's a problem for which the Universal Forwarder was designed. If you can't or won't use a forwarder then you're limited to writing the logs to shared storage (perhaps using something like Samba) that your Splunk server can read.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway · ‎07-01-2016

Splunk and your data are on two different platforms. That's a problem for which the Universal Forwarder was designed. If you can't or won't use a forwarder then you're limited to writing the logs to shared storage (perhaps using something like Samba) that your Splunk server can read.

---
If this reply helps you, Karma would be appreciated.

accuser123 · ‎07-03-2016

Thanks for the answer. However i didn't got what i was looking for but i am satisfied with the answer.

Getting logs in splunk using log location address

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases