Breadcrumbs

Configuration on Splunk Enterprise

  1. Log in to the machine where Splunk Enterprise has been installed.

  2. Open and log in to the Splunk Enterprise application.

  3. Click Settings and Indexes, then click New Index.

    1. Enter the same index name given in the inputs.conf file in the Index Name field and select Search & Reporting from the App dropdown.

image-20251126-032355.png

Index name configuration

image-20251126-112307.png


App configuration

  1. Click the Save button.

  2. Click Settings and Forwarding & Receiving, then click the +Add new button under the Receive data section.

  3. Type 9997 in the Listen on this port field and click the Save button.

image-20251126-033427.png


Configure the receiving port