data.destination.splunk > wizard

The data.destination.splunk > wizard command allows you to configure the Splunk output settings.

Syntax

data.destination.splunk > wizard

Example

data.destination.splunk > wizard


Do you want to configure data output splunk settings y/n [y]:
y
Please use: '?' for help on available command options.
Please enter splunk indexers:
10.1.1.0
ok
Do you want to add more values? y/n [n]:

Please enter splunk index name[ xyz ]:
abc
ok
Please enter splunk source type[ ib:dns:captures ]:
Settings unchanged.
Please enter splunk default indexer port[ 9997 ]:
9997
ok
Please enter splunk mode[ disabled ]:
hold
ok
Indexers:
10.1.1.0
Index name is abc
Source type is ib:dns:captures
Default indexer port is 9997
The output mode is hold
Is it correct? y/n [y]:
y
Setup wizard finished successfully