Hi,
I am new to splunk and I am trying to configure a host of mine to use a Splunk server (I think they call them forwarders?).
I have been trying to follow the instructions I found here:
http://answers.splunk.com/answers/50082/how-do-i-configure-a-splunk-forwarder-on-linux.html
I do not understand what I am suppose to do here:
Step 4: Enable Receiving input on the Index Server Configure the Splunk Index Server to receive data, either in the manager: Manager -> sending and receiving -> configure receiving -> new or via the CLI: /opt/splunk/bin/splunk enable listen 9997 Where 9997 (default) is the receiving port for Splunk Forwarder connections
Do I execute /opt/splunk/bin/splunk enable listen 9997 on the system I want to send my log files from or on the system I want to send my log files to?
Also I do not know my Splunk username ? How can I figure that out?
# /opt/splunkforwarder/bin/splunk add forward-server hostname.domain:9997
Splunk username: i do not know it
Password:
Login failed
... View more