What are the limitations of Splunk Docker Logging driver vs Universal Forwarder?
What is the best option between Splunk logging driver for Docker or Universal forwarder running on the host or inside the container for sending logs to an indexer server? What are the limitations of...
View Articleincreasing maxKBPS for only one splunk forwarder host
Hi Splunkers , I am getting this splunkd log entry in only one splunk forwarder . 05-09-2018 08:11:39.579 +0000 INFO ThruputProcessor - Current data throughput (258 kb/s) has reached maxKBps. As a...
View ArticleHow to configure Universal Forwarder on my personal machine where Splunk...
I installed Splunk Universal Fwd and Splunk Enterprise on my C drive. I created a sample file and modified the inputs.conf as mentioned in one of the ans(link given below) and enabled the receiver by...
View ArticleWhy am I unable to forward data from Universal forwarder?
I am trying to index new data and it is not happening. I am indexing a single log file that is being written to by the server when ever new events are added. I put this statement into the MSIADDED...
View ArticleUniversal forward installed on windows server but can't get the logs for that...
Hi Everyone, I am testing universal forwarding in our testing environment and also installed universal forwarder in one of windows server, but can't get the desire logs. My test environment included...
View ArticleDoes the Universal forwarder collect historical windows event logs?
I have installed the UF on a number of servers and I configured ti to monitor the winodws event logs (Application, System, Security). It looks like the UF has only picked up the event logs starting...
View ArticleHow do I enable a UF to accept REST API commands?
I'm reading through all of the API docs, and I am executing GET API calls against my search head successfully. However, I want to restart the separate universal forwarder and edit inputs.conf via the...
View ArticleUniversal forwarder Manual Installation
I am trying to install Splunk Insights .. Installed splunk Server .. when i am trying to install Forwarder am not allowing to do that in my Environment so i tried manually to install Agent.. and it is...
View ArticleCorrect path to IIIS logs
Trying to setup the Universal Forwarder on the Web Server to forward IIS logs to SPLUNK. The Windows Event log ARE forwarding correctly. My IIS logs are NOT stored in the default location so I'm trying...
View ArticleSplunk UF: getting error ERROR ExecProcessor
Hi - I saw these errors in SPlunkd.log. our UF is currenlty down and cannot be restarted. I'm not sure if these errors impacts the UF itself but what does it mean if i get these errors in UF...
View ArticleWhat are the pros and cons of installing a UF on same machine as my Splunk...
I know it is possible to install a UF on the same machine as my Splunk instance as stated in these posts: 1....
View ArticleUniversal forwarder not forwarding
Hello, I'm trying to forward logs from azLog (Azure log integration) into my splunk indexer. Both are running on AWS instances. Everything seems to be configured correctly except that I don't see...
View ArticleIs it possible to write a lightweight custom forwarder to collect data, and...
We're trying to determine if Splunk is appropriate for our scenario, which is to monitor our own agent that runs on our users' PCs and Macs. We have several million customers, and it seems like it...
View ArticleCan we use the usual Splunk Universal Forwarder to collect and send metrics...
When you deploy Splunk Insights for Infrastructure you use the specific script to install a forwarder. Can we use Splunk Universal Forwarder to collect and send metrics to Splunk Insights for...
View ArticleQualys scan detecting various SSL certificate vulnerabilities: How to resolve...
Our Qualys report detected various SSL certificate vulnerabilities for any devices using Splunk universal forwarder via 8090. We have deployment server configured to push configuration to servers...
View ArticleIm getting Universal forwarder setup failed preamaturely error when i try to...
Im getting Universal forwarder setup failed preamaturely error when i try to upgrade from 6.4.1 to 6.5.2. Running the install as administrator
View ArticleWhy is my server name not displayed as host?
I have a UF installed on my local machine and I installed a different UF on a server which I remotely connect to. Whenever I forward files from the remote server it works well but instead of the "host"...
View ArticleUniversal Forwarder Support for Mac OSX 10.13?
I noticed on the download page that Splunk Enterprise is supported on OSX 10.13 but the Universal Forwarder is not. Setting aside the kerfuffle caused by the new OSX logging mechanisms, is there any...
View ArticleInstallation Universal Forwarder on Citrix Provisioning servers
Hi there, i followed the install [instructions](https://docs.splunk.com/Documentation/Splunk/7.0.3/Admin/Integrateauniversalforwarderontoasystemimage) for the installation of the splunk UF in our...
View ArticleOne search head to search across two separate indexer clusters?
I am running two setups of Splunk, one is in Datacenter and another is in AWS. DC : 2 Node search heads, 3 nodes : indexers, 1 deployment server & license manager AWS : 2 Node search heads, 3 nodes...
View Article