Difference between revisions of "Outputs.conf"

Line 8: Line 8:
==system default==
==system default==
* /opt/splunkforwarder/etc/system/default/outputs.conf
* /opt/splunkforwarder/etc/system/default/outputs.conf
<source lang='properties'>
<source lang='autoconf'>
#  Version 5.0.3
#  Version 5.0.3


Line 37: Line 37:


==apps default==
==apps default==
<source lang='properties'>
<source lang='autoconf'>
#  Version 5.0.3
#  Version 5.0.3
[tcpout]
[tcpout]
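Review bot: `lang='autoconf'` on the `<source>` tags is an odd fit, because the blocks hold INI-style content (a `[tcpout]` stanza header and `#  Version 5.0.3` comment lines), not Autoconf macros; `lang='ini'` would describe the content better if the wiki's highlighter supports it. Separately, ==apps default== goes straight to the `<source>` tag with no path bullet, unlike ==system default==; adding the apps path as a bullet would keep the two sections consistent.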

Revision as of 01:44, 2 December 2013 (Mon)

1 Overview

outputs.conf
/opt/splunkforwarder/etc/system/default/outputs.conf
/opt/splunkforwarder/etc/apps/SplunkUniversalForwarder/default/outputs.conf
  • Splunk Forwarder configuration file
  • Destination (Splunk server) settings

2 system default

  • /opt/splunkforwarder/etc/system/default/outputs.conf
#   Version 5.0.3

[tcpout]
maxQueueSize = 500KB
forwardedindex.0.whitelist = .*
forwardedindex.1.blacklist = _.*
forwardedindex.2.whitelist = (_audit|_internal)
forwardedindex.filter.disable = false
indexAndForward = false
autoLBFrequency = 30
blockOnCloning = true
compressed = false
disabled = false
dropClonedEventsOnQueueFull = 5
dropEventsOnQueueFull = -1
heartbeatFrequency = 30
maxFailuresPerInterval = 2
secsInFailureInterval = 1
maxConnectionsPerIndexer = 2
forceTimebasedAutoLB = false
sendCookedData = true
connectionTimeout = 20 
readTimeout = 300
writeTimeout = 300 
useACK = false

3 apps default

#   Version 5.0.3
[tcpout]
maxQueueSize = 500KB
forwardedindex.0.whitelist = .*
forwardedindex.1.blacklist = _.*
forwardedindex.2.whitelist = _audit
forwardedindex.filter.disable = false
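
An added example (not part of the original wiki page and not Splunk's own code): Python that evaluates the `forwardedindex` filter chains from the two listings above, showing that the system default forwards `_audit` and `_internal` while the apps default forwards only `_audit`. It assumes the filters are tested in order of `n`, that the last pattern matching the whole index name decides, and that a whitelist takes precedence over a blacklist with the same `n`; the sample index names are constructed.

```python
import re

# Filter chains copied from the two listings on this page.
SYSTEM_DEFAULT = {
    "forwardedindex.0.whitelist": ".*",
    "forwardedindex.1.blacklist": "_.*",
    "forwardedindex.2.whitelist": "(_audit|_internal)",
    "forwardedindex.filter.disable": "false",
}
# The apps default listing differs only in filter 2.
APP_DEFAULT = {**SYSTEM_DEFAULT, "forwardedindex.2.whitelist": "_audit"}

_KEY = re.compile(r"forwardedindex\.(\d+)\.(whitelist|blacklist)$")


def parse_chain(settings):
    """Return [(n, kind, regex)] sorted by n; a whitelist wins a tie on n."""
    by_n = {}
    for key, value in settings.items():
        m = _KEY.match(key)
        if not m:
            continue  # not a numbered filter key
        n, kind = int(m.group(1)), m.group(2)
        if n in by_n and kind == "blacklist":
            continue  # a whitelist is already recorded for this n
        by_n[n] = (kind, re.compile(value))
    return [(n, kind, rx) for n, (kind, rx) in sorted(by_n.items())]


def is_forwarded(index, settings):
    """Assumed semantics: filters run in order, the last full match decides."""
    if settings.get("forwardedindex.filter.disable", "false").lower() == "true":
        return True  # filtering switched off: every index is forwarded
    decision = False  # assumption: an index no filter matches is not forwarded
    for _n, kind, rx in parse_chain(settings):
        if rx.fullmatch(index):
            decision = kind == "whitelist"
    return decision


# Constructed sample index names, not taken from the page.
SAMPLE_INDEXES = ["main", "_audit", "_internal", "_thefishbucket"]

if __name__ == "__main__":
    for label, cfg in (("system default", SYSTEM_DEFAULT), ("apps default", APP_DEFAULT)):
        print(label, {name: is_forwarded(name, cfg) for name in SAMPLE_INDEXES})
```

Running the same check against a forwarder's effective settings shows whether `_internal` data, which a central indexer may need for monitoring the forwarder itself, actually leaves the host.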

4 See also