Eventgen 실행해보기

사전 조건 : WSL2 환경에 스플렁크 설치
https://myinbox.tistory.com/268

## 이벤트젠 설치
https://splunkbase.splunk.com/app/1924

## 샘플 번들 설치
https://github.com/splunk/eventgen/blob/develop/tests/sample_bundle.zip
바탕화면에 압축 풀어서 splunk apps 폴더에 복제
sudo cp -r /mnt/c/Users/[myid]/Desktop/sample_bundle /opt/splunk/etc/apps/

## 입력 활성화
설정 > 데이터 입력 > Eventgen > 활성화

## 새로고침
http://localhost:8000/ko-KR/debug/refresh

 

## 검색해보기
index=main sourcetype=json source=film.json
1000 개의 이벤트 검색됨
만약 안되면 sudo /opt/splunk/bin/splunk restart 로 재시작 후 다시 검색 

---

https://splunk.github.io/eventgen/
https://dev.classmethod.jp/articles/splunk-loggenerator-eventgen/