Hi. I am trying to install an universal forwarder on the same machine as my Splunk instance just to see how Universal Forwarder (UF) works. I understand that you can collect the logs locally but just to understand how UF works I am trying to do it. I have followed the installation wizard and entered the receiver details as 127.0.0.1 and 9997 as the port. I left the deployment server details empty. I also configured receiver on the Indexer but I am still unable to see Windows event logs when searched. Could someone please help? I am new to Splunk.
↧