![]() Installing the Veeam Technology Addon for Splunk on the Veeam serverĪs you remember, we downloaded the “Veeam Backup Monitor for Splunk” which also consists of the TA (Technology Addon) which has to be placed on the Veeam Backup & Replication server. Now that our Veeam Backup & Replication Server is properly communicating with our Splunk server we are able to install the technology addon on our Veeeam Backup & Replication server. With “windows host =”HOSTNAME”” you are able to search for your server and its logs, which functions correctly here ! That means, that the data collection respectively the connection from the Veeam server over TCP 9997 to our Splunk server is working as desired. Head to “Search and Reporting” and search for your windows host which is your Veeam Backup & Replication server. If everything went successful, you should be able to see Windows Event Logs in your Splunk webinterface. Also make sure to add your Splunk Server in Step 8, meaning connecting to your receiver. Make sure to choose which “general” Windows logs you want to push. I documented the installation of the universal forwarder in the above gallery. The universal proxy is also downloadble from the splunk website.Īfter downloading the universal forwarder, start the installation as an administrator on your Veeam Backup & Replication server. Installing the universal forwarder on the Veeam server Now that our Splunk server is listening and receiving data from this TCP port we can head to our Veeam Backup & Replication server and install the universal forwarder. How to enable receivers is also listed in the documentation of Splunk.įor adding a receiver, log in to your webinterface and navigate to Settings -> Data -> Forwarding and Receiving -> Add newĪfter clicking on “Forwarding and receiving”, add a new receiver with the right hand button “+Add new”Įnter the desired port on which the receiver should listen to and click the save button. Since the configuration is fairly easy with the webinterface, i will cover this way here. This can be achieved either with the webinterface or the CLI. Since we already have configured our firewalls to use TCP port 9997, we only have to enable respectively add our receiver. Configuring Splunk Receiverįirst of all we need to enable our Splunk Receiver. In the end we will be able to monitor our Windows Veeam Backup & Replication Server as well as the data which the technology addon pushes to the Splunk server. The Veeam technology addon for Splunk will be covered in this article aswell, as it is responsible for pushing data to our Splunk server. This final part of the series now covers on how to set up the universal forwader on the Veeam server and how to establish a connection to our Splunk server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |