O'Reilly logo

Splunk 7 Essentials - Third Edition by Betsy Page Sigman, Erickson Delgado, J-P Contreras

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Log files as data input

As mentioned earlier in this chapter, any configuration you make in the Splunk portal corresponds to a *.conf file written under the $SPLUNK_HOME directory. The same goes for the creation of data inputs; adding data inputs using the Splunk user interface creates a file called inputs.conf.

For this exercise use the windows_perfmon_logs.txt file provided in the Chapter 2/samples.

Now that you have an index to store Windows logs, let's create a data input for it, with the following steps:

  1. Go to the Splunk home page.
  2. Click on your Destinations app. Make sure you are in the Destinations app before you execute the next steps, or your configuration changes won't be isolated to your application.
  3. In the Splunk navigation bar, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required