Category: Splunk

  • Splunk Notes

    To configure the Splunk Forwarder from the command line:

        # splunk add forward-server 192.168.1.176:9997
        # splunk add monitor /var/log/messages
        # splunk restart
        # splunk list forward-server

    On a Linux box, you may need to add these ports to the firewall:

        # firewall-cmd --add-port 8000/tcp --permanent
        # firewall-cmd --add-port 9997/tcp --permanent
        # firewall-cmd --reload