Refine your search:

Configure SplunkForwarder on HP-UX

0

Hello, My task is to forward data from HP-UX to syslog server. I have to monitor some files for the changes in some directory f.ex: /etc. The configuration of the /etc/system/local/inputs.conf

[default]

index         = default
[monitor:/scripts]
index = _internal

[fschange:/etc]
pollPeriod = 600
signedaudit=true
recurse=true
followLinks=false
hashMaxSize=-1
fullEvent=true
sendEventMaxSize=-1
filesPerDelay = 10

The configuration of the /etc/system/local/outputs.conf

[syslog]
defaultGroup = my_syslog

[syslog:my_syslog]
server = 192.168.4.14:514
priority = 34

is it enough? (I can't see any messages in syslog server after splunk restart) Or I need to configure files props.conf and transforms.conf as well?

Thanks for help

asked 14 Jun '11, 04:58

aketishvili's gravatar image

aketishvili
1
accept rate: 0%

edited 14 Jun '11, 06:25

dwaddle's gravatar image

dwaddle ♦
15.5k2924
Be the first one to answer this question!
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×22
×20

Asked: 14 Jun '11, 04:58

Seen: 886 times

Last updated: 14 Jun '11, 06:25

Related questions

splunkforwarder

Installing Splunk on HP-UX

How to uninstall Splunk on HP-UX

*nix App for HP-UX

Process HP-UX Audit logs

Splunk 4.2 for HP-UX is buggy..

Splunk Forwarder HPUX 11.11 Support

Splunk and HP Automator Agent (Opsview)

Data from HP-UX seems to be missing

Copyright © 2005-2012 Splunk Inc. All rights reserved.