Splunk® Supported Add-ons

Splunk Add-on for Microsoft Exchange

About the Splunk Add-on for Microsoft Exchange

The Splunk Add-ons for Microsoft Exchange let you collect Exchange data from the hosts in your Exchange Server environment. The add-ons have been designed to work with the Splunk App for Microsoft Exchange, but are now available as a separate download from Splunkbase. You can use them with the app or to provide knowledge objects for Splunk Enterprise dashboards that you design by yourself.

Get the add-ons

The Splunk Add-ons for Microsoft Exchange are available on Splunkbase.

Install the add-ons

The add-ons require configuration before they can be used. Each add-on must be configured for the version of Exchange Server or Windows Server (for TA-Windows-Exchange-IIS) that you run in your Exchange Server environment. See the "Configure" topics in the chapter for each add-on for installation instructions.

See Where to install Splunk add-ons and Install an add-on in a distributed Splunk Enterprise deployment in the Add-ons Overview manual for more information about deploying the Splunk Add-on for Microsoft Exchange.

Prerequisites

  • Ensure that the SplunkForwarder service is running as a domain user account and that the account has Records Management and Organization Management roles assigned.
  • Download the Splunk Add-on for Microsoft Exchange Indexes from Splunkbase for required index definitions to store the data.

Add-on package contents

The Splunk Add-ons for Microsoft Exchange come in a bundle and include the following:

The Exchange server versions 2008, 2010, 2013 are all End of Life (EOL). The Add-on is only supported with 2016 and 2019.

TA-Exchange-ClientAccess

This add-on collects Exchange data from Exchange Server hosts that hold the Client Access Server role. See Overview of TA-Exchange-ClientAccess.

TA-Exchange-Mailbox

This add-on collects Exchange data from Exchange Server hosts that hold the Mailbox Store/Mailbox Server roles. See Overview of TA-Exchange-Mailbox.

TA-Windows-Exchange-IIS

This add-on collects Internet Information Server (IIS) data from Exchange Server hosts that hold the Client Access Server role. It must be configured for the version of Windows Server that the Exchange Client Access Server hosts run. See Overview of TA-Windows-Exchange-IIS.

Splunk Add-on for Microsoft Exchange Component Installation Locations

The table below lists what components to install and where to install them:

Add-on Indexer Universal Forwarder Heavy Forwarder
TA-Exchange-ClientAccess X
TA-Exchange-Mailbox X
TA-Windows-Exchange-IIS X
TA-SMTP-Reputation X
Splunk Add-on for Microsoft Exchange Indexes X
Last modified on 16 July, 2024
  Release Notes for Splunk Add-ons for Microsoft Exchange

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters