![]() ![]() Here is the output of the nf file, on the Win server (C:\Program Files\SplunkUniversalForwarder\etc\apps\Splunk_TA_microsoft_dns\default\nf). I can see the DNS events being logged in "C:\Windows\System32\winevt\Logs\Microsoft-Windows-DNSServerJnalytical.etl" and I can see this log file growing in size (over 512 KB right now). I enabled the DNS logging on the Win server using the steps here: I cannot see any DNS logs in Splunk after installing the app on both the Splunk server and the Win server. I can see event logs from the Windows Server 2012 R2 host in Splunk. $SPLUNK_HOME is not set on the deployment client, so need to explicitly add the full path to SplunkUniversalForwarder.Īlso, the Download tarball expands to TA-windnsanalytical not TA-WindowsDNSAnalyticalĬ:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -command "
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |