#splunk, #splunkmonitoring, #windowslogs
Hello friends, this is another video on Splunk. We set up the Splunk universal forwarder on Windows and show how to collect Windows logs in Splunk.
Check out my previous tutorials on how to set up a Splunk deployment server and collect log files from a Linux machine for better understanding.
In this Splunk logs example, we are going to collect Event Viewer logs, CPU and memory data from a Windows machine.
Inputs.conf:

# Monitor a single log file on disk
[monitor://C:\Windows\Performance\WinSAT\winsat.log]
disabled = 0
index = windows_logs
sourcetype = Windowslogs
source = C:\Windows\Performance\WinSAT\winsat.log

# Event Viewer channels: Application, Security and System
[WinEventLog://Application]
disabled = 0
index = windows_logs
sourcetype = Windowslogs

[WinEventLog://Security]
disabled = 0
index = windows_logs
sourcetype = Windowslogs

[WinEventLog://System]
disabled = 0
index = windows_logs
sourcetype = Windowslogs

# Total CPU usage, sampled every 300 seconds
[perfmon://CPU]
disabled = 0
index = windows_logs
counters = % Processor Time
instances = _Total
object = Processor
interval = 300

# Free space on every logical disk, sampled every 300 seconds
[perfmon://LogicalDisk]
disabled = 0
index = windows_logs
counters = % Free Space; Free Megabytes
instances = *
object = LogicalDisk
interval = 300
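
A pre-deployment check for an inputs.conf like the one above, as an added example (not from the video and not a Splunk tool): it flags enabled stanzas that do not send to the expected index and perfmon stanzas with no object, counters or interval. The [perfmon://Memory] stanza, the name lint_inputs and the list of keys treated as mandatory are assumptions of this example.

```python
import configparser

# Constructed sample: a trimmed copy of the stanzas above, plus one deliberately
# incomplete stanza ([perfmon://Memory], hypothetical) to show what gets reported.
SAMPLE_INPUTS = r"""
[WinEventLog://Security]
disabled = 0
index = windows_logs
sourcetype = Windowslogs

[perfmon://CPU]
disabled = 0
index = windows_logs
counters = % Processor Time
instances = _Total
object = Processor
interval = 300

[perfmon://Memory]
disabled = 0
counters = Available MBytes
object = Memory
"""

# Keys this example treats as mandatory for a perfmon stanza (an assumption).
PERFMON_REQUIRED = ("object", "counters", "interval")

def lint_inputs(text, expected_index="windows_logs"):
    """Return (stanza, problem) pairs for every enabled stanza in the text."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",),
                                   comment_prefixes=("#",))
    cp.optionxform = str  # keep key names exactly as written
    cp.read_string(text)
    findings = []
    for stanza in cp.sections():
        s = cp[stanza]
        if s.get("disabled", "0").strip().lower() in ("1", "true"):
            continue  # a disabled stanza collects nothing, so skip it
        if s.get("index") != expected_index:
            findings.append((stanza, f"index is {s.get('index')!r}, expected {expected_index!r}"))
        if stanza.startswith("perfmon://"):
            findings += [(stanza, f"missing {k}") for k in PERFMON_REQUIRED if not s.get(k, "").strip()]
    return findings

if __name__ == "__main__":
    for stanza, problem in lint_inputs(SAMPLE_INPUTS):
        print(f"[{stanza}] {problem}")
```
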
-----------------------------------------------------------------------------------------------
Outputs.conf
--------------------
[tcpout]
defaultGroup = default-autolb-group

[tcpout:default-autolb-group]
server = 192.168.0.xxx:9997

[tcpout-server://192.168.0.xxx:9997]
Note: Every word and sentence used in this video is self-written and converted to audio to explain the steps in each tutorial. This is not automated or third-party content, nor scraped from any website.