Can someone please explain the need for configuring inputs.conf on the receiver side (indexer) if the receiver port (9997) is already configured (maybe through the GUI)?
Is there any way to fetch the logs of live HTTP/HTTPS traffic (web traffic)?
For example:
I am searching multiple sites on my machine and I want to get them fetched in Splunk in terms of logs.
1. At what time did I surf the URL?
2. What URL did I surf?
3. What is the size of the data I have used?
I know this has to be fetched through the firewall, but is there any other way to get it into Splunk directly?
Hello,
In our Splunk Enterprise, we have created a customized indexer. We are trying to get certain events of a specific host, but as soon as we type index="Event_Logs" host=WindowServer in Search, we get the results of 2 hosts with the same host name.
1. WINDOWSERVER (UPPER_CASE)
2. windowserver (lower_case)
The count appearing in the Search results is different.
Any idea about this behavior?
Appreciate your help.
== Umang Solanki