Hi @radialdrillingvibe ,
Did you have a chance to check out an answer? If it worked, please resolve this post by approving it! If your problem is still not solved, keep us updated so that someone else can help you.
Thanks for posting!
Hi radialdrillingvibe,
You wanted to know the right thing, but you asked the wrong question 🙂
Your question should be like How do I get Microsoft UL output into Splunk?
Short version:
Any output to stdout
by a script started by Splunk will be indexed, see details here https://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev/ScriptedInputsIntro . Your task will be, to write a script that queries the USB device and outputs the data to stdout
.
And to answer your posted question:
Yes, it can - see here https://docs.splunk.com/Documentation/SplunkLight/latest/GettingStarted/AboutSplunkLight#Events_inde... for more details. As you can see it lists scripts
as option for event indexing 😉
Hope this helps ...
cheers, MuS
Short version: Any output to stdout by a script started by Splunk will be indexed, see details here https://docs.splunk.com/Documentation/Splunk/latest/AdvancedDev/ScriptedInputsIntro . Your task will be, to write a script that queries the USB device and outputs the data to stdout.
Can I use a Splunk Add-On and/or the Universal Forwarder to write a script to query the USB and output to stdout?
You might be able to use the Add-On builder https://docs.splunk.com/Documentation/AddonBuilder/latest/UserGuide/Overview to create an add-on and use it on the universal forwarder. But again, it will be your task to bridge the gap and create a script that queries the device and outputs into Splunk.
cheers, MuS