About the Splunk Add-on for Windows
The Splunk Add-on for Windows provides data inputs for Windows management. You can monitor, manage, and troubleshoot Windows operating systems from one place. The add-on comes with a set of file, event log, performance monitoring, and other inputs for collecting CPU, disk, I/O, memory, log, configuration, and user data.
You can install the Splunk Add-on for Windows on a forwarder and send data from Windows hosts to a Splunk Enterprise instance that runs an app like the Splunk App for Windows Infrastructure, Splunk IT Service Intelligence, or other Splunk apps.
How does it work?
The Splunk Add-on for Windows runs on a Splunk search head, indexer or forwarder that runs on a Windows host and gathers various system metrics using a number of data inputs. These include but are not limited to:
- Hardware information such as CPU type and count; available hard drives; network interface cards, count, and memory, as well as CPU statistics (via performance monitoring inputs).
- Disk information such as available disk space and associated input/output statistics for devices and partitions (via performance monitoring inputs).
- Network information including information about the configured network interfaces, connections, and TCP/UDP transfer statistics (using performance monitoring inputs).
- User statistics including number of logins per account, longest active sesions, and security-related information.
How do I get it?
Download the Splunk Add-on for Windows from Splunkbase.
New to Splunk?
This documentation applies to the following versions of Splunk® Add-on for Windows: 4.8.3, 4.8.4