I have an indexer, search head, heavy forwarder and license master server configured. I also have a test server (host) with the Splunk agent installed. I am new to all of this and standing this up in our test environment and wanted to get started by getting logs from the test server....to the heavy forwarder......to the indexer....so they can be parsed and searched from the search head server. I'm not quite sure how to make all this happen, even after reading docs and watching some videos, so I'd be happy to try any of your suggestions.
Thanks in advance.
↧