I am working on a Windows machine (Windows 7 64bit) with Splunk 6.4.1. I have installed the Splunk App for Unix and Linux, and the Add-on as well.
Now I'm trying to get the data to feed into Splunk so it can be indexed and my Windows setup for Splunk can display/index the data.
I read through the documentation, and if I get it correctly, I'm supposed to install the Universal Indexer onto the Unix (in my case) setup in order to send the data in a readable format into my install of Splunk.
The goal is to see the health of the Unix machines on my instance/setup of Splunk on my Windows 7 machine.
Am I on the right track? Has anyone successfully done a similar setup to what I'm trying to achieve? I have not delved into the scripting of config files, which I also saw in the documentation for Splunk App for Unix/Linux... which I'm guessing I may have to mess with to get it working... Is this a correct assumption too?
I saw this thread below, which kind of seemed like he was trying to achieve the same thing:
https://answers.splunk.com/answers/237809/why-am-i-getting-this-error-trying-to-configure-th.html?utm_source=typeahead&utm_medium=newquestion&utm_campaign=no_votes_sort_relev