Quantcast
Viewing all articles
Browse latest Browse all 1551

Can we add additional parameters (IP and hostname) to the logs which are collected thorough a Windows universal forwarder?

I am kind of new in Splunk and I am curious about something. When I install universal forwarder to a Windows server, it sends only name or ip, and by default, it sends the name of the server (can be configured with inputs.conf file). I also want to add another field that sends the ip of the server. Since not all servers are in domain, I can't find the ip address when I try to lookup from the DNS. The other thing is, since I am not a part of the systems team when i see only IP addresses, it also doesn't tell much to me. So I need both ip and hostname. Can we do it?

Viewing all articles
Browse latest Browse all 1551

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>