I then downloaded the splunk tgz and got that nf file from it. Ĭould anyone suggest a way to only route data from the hostgroup1 to Null queue. I tried to extract the nf file but it returned that the nf file was not present. I would want to only send Hostgroup1 which starts with ABCDEF, there are around 500+ hosts in the host group starting with ABCDEF. The WMI events (example eventcodes, type, log source etc) are mostly common for all the hosts and hence if i use either of these common fields all of my data will be sent to null queue. conf22 sessions across Security, ITOps and Observability.
#Splunk .conf windows
I am trying to route my WMI data to a null queue but want to route data coming through from a specific group of hosts only.Įxample : The Windows WmI data is coming through from different group of hosts listed below .conf & SplunkLive Data-Centric Security for Comprehensive Protection and Cybersecurity Resilience By Splunk J.conf & SplunkLive Our Global Partner Summit: Driving Innovation & Impact for Customers By J. .conf Go In Person Event Splunk Manchester Hear from local leaders and regional experts The best of Splunk’s biggest customer event of the year is coming to a city near you Join us to hear from local leaders and regional experts as they share need-to-know insights from. conf files, view and navigation documents take precedence in the following order: SPLUNKHOME/etc/users/username/appname/local: When a new.
0 kommentar(er)
