About the Splunk App for Windows
This documentation does not apply to the most recent version of WindowsApp. Click here for the latest version.
About the Splunk App for Windows
The Splunk App for Windows provides data inputs, searches, reports, alerts, and dashboards for Windows management. You can monitor, manage, and troubleshoot Windows operating systems from one place. Included are a set of file, event log, performance monitoring, and other inputs for collecting CPU, disk, I/O, memory, log, configuration, and user data.
You can use the Splunk App for Windows to:
- Get information about who's logged into your system, including information on authorized and unauthorized login attempts and excessively long sessions.
- Chart CPU, memory, network and disk utilization across one or more systems (using performance monitoring inputs)
- Learn which Windows Update patches installed successfully on systems, and which did not.
How does it work?
The Splunk App for Windows runs on top of a Splunk instance and gathers various system metrics, including:
- Hardware information such as CPU type and count; available hard drives; network interface cards, count, and memory, as well as CPU statistics (using performance monitoring inputs).
- Disk information such as available disk space and associated input/output statistics for devices and partitions (using performance monitoring inputs).
- Network statistics including information about the configured network interfaces, connections, and throughput metrics.
- User statistics including number of logins per account, longest active sessions, and security-related information.
The app presents this data to you with reports and dashboards to give you full visibility into your Windows systems.
How to get the Splunk App for Windows
Download the Splunk App for Windows from Splunkbase.
This documentation applies to the following versions of WindowsApp: 4.5.1 , 4.5.2 View the Article History for its revisions.