Content Pack for Monitoring Microsoft Windows

Content Pack for Monitoring Microsoft Windows

This documentation does not apply to the most recent version of Content Pack for Monitoring Microsoft Windows. For documentation on the most recent version, go to the latest release.

About the Content Pack for Monitoring Microsoft Windows

The Content Pack for Monitoring Microsoft Windows provides the elements necessary for monitoring your OS health related to Windows servers. It uses the heavy or universal forwarder and an add-on to collect and send data to event indexes. This content pack relies on the Splunk Add-on for Microsoft Windows, where the collected data is sent to event indexes. For more information, see the Splunk Add-on for Microsoft Windows.

The content pack includes a preconfigured service template for monitoring OS health metrics for CPU, memory, disk, and network. The KPIs in the service template are configured for general purposes only and must be tuned to accommodate your specific use case

Content pack contents

This content pack contains the following objects:

  • OS-level KPIs
  • Eight KPI base searches:
    • OS:Performance.WIN.CPU
    • OS:Performance.WIN.LogicalDisk
    • OS:Performance.WIN.Memory
    • OS:Performance.WIN.Network
    • OS:Performance.WIN.PhysicalDisk
    • OS:Performance.WIN.Process
    • OS:Performance.WIN.System
    • OS:Performance.WIN.WinHostMon
  • A service template: Windows server health
  • A sample service to use for testing entity filtering and KPI thresholds: SAMPLE - Windows server health to use for testing entity filtering and KPI thresholds.

ITSI and ITE Work support

The content in the Content Pack for Monitoring Microsoft Windows is only supported in ITSI.

Installation

If you're using ITSI version 4.9 or later, you can install the Content Pack for Monitoring Microsoft Windows after installing the Splunk App for Content Packs. Install the content pack on the same search head where you installed ITSI. For installation instructions, see Install and configure the Content Pack for Monitoring Microsoft Windows.

If you're using ITSI version 4.8 or earlier, you need to install the content pack using the backup ZIP file. For installation instructions, see Install and configure the Content Pack for Monitoring Microsoft Windows.

Deployment requirements

Use the following table to determine ITSI version compatibility with various versions of the Content Pack for Monitoring Microsoft Windows:

Content pack version ITSI version
1.0.1 4.7.0 or higher
1.0.0 4.2.1 - 4.6.2

Additional resources

Last modified on 07 February, 2022
  Release notes for the Content Pack for Monitoring Microsoft Windows

This documentation applies to the following versions of Content Pack for Monitoring Microsoft Windows: 1.0.1

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters