Differences

This shows you the differences between two versions of the page.

--- splunk [2023/12/22 07:34] – [Set-Up Forwarding] baumi
+++ splunk [2024/01/11 09:41] (current) – baumi
@@ Line 1: / Line 1: @@
-====== Splunk on Linux ======
+====== Splunk Installation ======
-===== Install Indexer / Heavy Forwarder =====
+==== Install Indexer / Heavy Forwarder ====
 <code>
 sudo useradd -m -d /opt/splunk -s /bin/bash -U splunk && \
@@ Line 9: / Line 9: @@
 </code>
-===== Configure Receiver to receive data =====
+==== Configure Receiver to receive data ====
 https://docs.splunk.com/Documentation/Splunk/9.1.2/Forwarding/Enableareceiver
 <code>
@@ Line 18: / Line 18: @@
 </code>
-===== Set-Up Forwarding =====
+==== Set-Up Forwarding ====
 https://docs.splunk.com/Documentation/Splunk/9.1.2/Forwarding/Deployaheavyforwarder
 <code>
@@ Line 32: / Line 32: @@
 ==== Forward to more than one destinations ====
 /opt/splunk/etc/system/local/outputs.conf
-<code>
+<file text outputs.conf>
 [tcpout]
 defaultGroup = group1,group2
@@ Line 44: / Line 44: @@
 disabled = false
 server = receiver2:9997
-</code>
+</file>
-===== Universal Forwarder =====
+==== Universal Forwarder ====
 <code>
 useradd -m -d /opt/splunkforwarder -s /bin/bash -U splunkfwd && \
@@ Line 54: / Line 54: @@
 </code>
-{{tag>linux splunk}}
+{{tag>kb linux splunk}}