Learn how to configure the universal forwarder and start sending data to Splunk.
- [Instructor] Now that we have the Splunk…forwarder set up, we're ready to add our Splunk…server and some data sources on the remote machine.…This is configured via a set of .com files…and they live in this directory.…It's opt/splunkforwarder/etc/system.…Let me list those files.…The default config is in the default subdirectory.…But instead of editing those files…and potentially losing some useful defaults,…you can create your own custom copies…in the local subdirectory.…
In fact, if you head over to the main Splunk…server and look in opt/splunk/etc/system/local,…you'll see that the Splunk web interface…actually creates its own files here as a way…to save your config changes.…I wanted to start by talking about the files…because I know a lot of people like to use a tool…like Puppet or Chef to manage their configuration.…You should be able to manage your config…directly by generating these files.…We don't need to edit these files to get our…initial configuration.…
Thankfully, we can use the Splunk CLI…to get things configured.…
- Installing Splunk
- Filtering search data
- Advanced search syntax
- Creating reports and dashboards
- Creating alerts and actions
- Configuring remote data and multiple data streams
Skill Level Beginner
DevOps Foundations: Monitoring and Observabilitywith Ernest Mueller2h 12m Intermediate
1. Tour of Major Features
3. Reporting and Dashboards
5. Practical Splunk
Next steps1m 57s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.