Hi, I am new to Splunk and recently set up a forwarder (Ubuntu system) and an indexer (Windows 7). I would like to use a shell script to forward data to the indexer, but I am not too sure how I should code the shell script for it to work. For example, if I want to forward info on (ls -l $Home), how should I put it in the script for Splunk to read it?
The ls -l $Home should display something like:

drwxr-xr-x 2 test test 4096 Sep 16 17:47 Desktop
drwxr-xr-x 2 test test 4096 Sep 14 16:11 Documents
drwxr-xr-x 2 test test 4096 Sep 14 18:02 Downloads
I tried creating a test.sh with the content (ls -l $Home) to test, but it does not work. I really hope someone can give me an example of this, thanks.
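
One way to do what the post asks, as an added example that is not part of the original post: a Splunk scripted input, which the forwarder runs on a schedule and whose stdout it indexes. The app name `home_listing`, the script name, the sourcetype and the interval are assumptions; note that shell variable names are case-sensitive, so the home directory is `$HOME`.

```shell
#!/bin/sh
# Added example (not from the original post): a Splunk scripted input.
# splunkd runs the script on a schedule and indexes what it writes to stdout.
#
# Assumed layout; app name "home_listing" and the sourcetype are hypothetical:
#   $SPLUNK_HOME/etc/apps/home_listing/bin/list_home.sh    (chmod +x)
#   $SPLUNK_HOME/etc/apps/home_listing/local/inputs.conf:
#     [script://./bin/list_home.sh]
#     interval = 300
#     sourcetype = home_listing
#     disabled = 0

# Print one timestamped key=value event per entry of directory $1.
list_dir_events() {
    dir=$1
    now=$(date -u '+%Y-%m-%dT%H:%M:%SZ')
    if [ ! -d "$dir" ]; then
        # Report the failure as an event so it is visible in the index.
        printf '%s level=ERROR msg="not a directory" dir="%s"\n' "$now" "$dir"
        return 1
    fi
    # LC_ALL=C keeps the date column at three fields ("Sep 16 17:47");
    # the last variable of read receives the rest of the line, so names
    # containing spaces stay intact.
    LC_ALL=C ls -l "$dir" |
    while read -r mode links owner group size mon day when name; do
        # Skip the "total N" header line that ls -l prints first.
        if [ "$mode" = total ]; then continue; fi
        printf '%s dir="%s" mode=%s owner=%s group=%s size=%s mtime="%s %s %s" name="%s"\n' \
            "$now" "$dir" "$mode" "$owner" "$group" "$size" \
            "$mon" "$day" "$when" "$name"
    done
}

# Under splunkd, HOME belongs to the account that runs the forwarder, not to
# the interactive user; hard-code a path here if another directory is wanted.
list_dir_events "${1:-${HOME:-/}}"
```

Running the script by hand as the account the forwarder uses shows exactly what will be indexed.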