Category: Splunk
-
Splunk Notes
To configure the Splunk Forwarder from the command line. # splunk add forward-server 192.168.1.176:9997# splunk add monitor /var/log/messages# splunk restart# splunk list forward-server On a Linux box, you may need to add these ports to the firewall. # firewall-cmd –add-port 8000/tcp –permanent# firewall-cmd –add-port 9997/tcp –permanent# firewall-cmd –reload