outputs.conf
/opt/splunkforwarder/etc/system/local/outputs.conf
[tcpout]
defaultGroup = splunkcloud
disabled = false
maxQueueSize = 1500
indexAndForward = false
[tcpout:splunkcloud]
server = input-prd-p-pdsmk7bx6vlg.cloud.splunk.com:9997
inputs.conf
/opt/splunkforwarder/etc/system/local/inputs.conf
[default]
host = SyslogSRV
[monitor:///var/log/TEST-SYSLOG/test-sysLog.log]
[splunktcp-ssl://9997]
local.meta
[inputs/monitor%3A%2F%2F%2Fvar%2Flog%2FTEST-SYSLOG%2Ftest-sysLog.log]
owner = splunk-system-user
version = 6.3.1
modtime = 1447503002.498094000
[inputs/monitor%3A%2F%2F%2Fvar%2Flog%2Fsyslog]
owner = admin
version = 6.3.1
modtime = 1447516194.527718000
[inputs/monitor%3A%2F%2F%2Fvar%2Flog]
owner = admin
version = 6.3.1
modtime = 1447767752.634803000
[inputs/splunktcp%3A%2F%2F9997]
owner = admin
version = 6.3.1
modtime = 1447857226.751613000
... View more