Learn what Splunk does
Once you've tried Splunk out, find out how it can put you in command of your Windows data. Use this section if you're asking yourself how Splunk compares to utilities like Microsoft's System Center suite, or how you can use Splunk to enhance your daily system administration tasks.
Find out how to get data into Splunk using the various Windows-specific data inputs that Splunk provides, including inputs for event logs, the Registry, and more. Or, learn how Splunk monitors performance or changes to Active Directory.
Additional Windows topics of interest:
- An overview of all of the installed Splunk for Windows services (from the Installation Manual)
- What Splunk can monitor (from the Getting Data In Manual)
- Considerations for deciding how to monitor remote Windows data (from the Getting Data In Manual). Read this topic for important information on how to get data from multiple machines remotely.
- Consolidate data from multiple machines (from the Distributed Deployment Manual)
Other useful information:
- Where is my data? (from the Getting Data In Manual)
- Use Splunk's Command Line Interface (CLI) (from the Getting Data In Manual)
- Sources, sourcetypes and fields (from the Getting Data In Manual)
- Fields and field extraction (from the Knowledge Manager Manual)
- Real-time searches (from the User Manual)
- Saved searches (from the User Manual)
- Dashboard creation (from the User Manual)
This documentation applies to the following versions of Splunk: 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 5.0, 5.0.1, 5.0.2