About the Splunk App for Windows Infrastructure
Overview
The Splunk App for Windows Infrastructure gives you deep visibility into the health and performance of your Microsoft Windows Server and Active Directory environments.
It includes components that let you monitor system, server, network, and printer availability. It includes modules which allow you to monitor other aspects of your Windows network, including:
- Microsoft Windows Server (through the separately available Splunk Add-on for Windows)
- Microsoft Windows Server Active Directory (through the included Splunk Add-on for Active Directory suite)
Use the Splunk App for Windows Infrastructure to:
- Identify infrastructure problems, such as non-running services and load issues
- Monitor the performance of all servers throughout your Windows environment
- Monitor security events, such as virus outbreaks and anomalous logons
- Track administrative changes to the environment
- Plan for capacity expansion
Important: Read and understand the Splunk App for Windows Infrastructure's platform and hardware requirements before downloading and attempting to install the app. Also, learn what data the app collects.
How does it work?
Splunk universal forwarders gather logs and performance metrics from the following components of your Microsoft Windows deployment:
- Windows Server (via the Splunk Add-on for Windows)
- Active Directory
and send them to a central Splunk instance that runs Splunk App for Windows Infrastructure. The app provides reports and dashboards that allow you to review the status of your Windows services.
How do I get it?
The Splunk App for Windows Infrastructure is available for download from Splunk Apps.
How do I upgrade from a previous version?
This is the first version of the Splunk App for Windows Infrastructure. Splunk intends for this app to replace both the Splunk App for Windows and the Splunk App for Active Directory. This means that there is no direct upgrade path from either the Splunk App for Windows or the Splunk App for Active Directory to the Splunk App for Windows Infrastructure.
If you currently run the Splunk Apps for Windows or Active Directory, you can install the Splunk App for Windows Infrastructure onto the same Splunk instance as the existing app(s). The new version allows you to configure it to view and display the data you have already collected with the Splunk Apps for Windows and Active Directory. Once you have confirmed that this app sees all your data, you can delete the older apps. See "How to deploy the Splunk App for Windows Infrastructure" for installation instructions.
For information on what's new, as well as any known issues in this version, review the release notes.
New to Splunk? |
This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 1.0.2
Feedback submitted, thanks!