Hello,
Can someone please direct me to a Splunk docs tutorial or any video that would show me how to use the heavy forwarder?
I have a sample event, let's say 5 fields. I want 2 fields to go to the Indexer. I do care about routing as I just want these two fields to stay together in the same index whenever they go.
Can someone show me an example of how to configure this in the heavy forwarder?