Splunk® App for Windows Infrastructure (Legacy)

Deploy and Use the Splunk App for Windows Infrastructure

On October 20, 2021, the Splunk App for Windows Infrastructure will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Windows Dashboards and Reports.
This documentation does not apply to the most recent version of Splunk® App for Windows Infrastructure (Legacy). For documentation on the most recent version, go to the latest release.

Permissions checklist

This topic details the list of permissions you must have in order to install the Splunk App for Windows Infrastructure.

Administrative access to Active Directory

In order to make changes to Active Directory services, such as enabling debug logging in DNS and increasing Active Directory audit policy, you must be a domain administrator in the Active Directory domain(s) you want to monitor.

Administrative access to Windows servers

You must have administrative access to all Windows hosts in the Splunk App for Windows Infrastructure deployment. The hosts in the deployment require this access to install Splunk Enterprise. Any hosts in the field also require this access to install universal forwarders. Splunk Enterprise must run as a user with administrative access to the host (usually, the Local System user).

Last modified on 17 December, 2014
Platform and hardware requirements   What data the Splunk App for Windows Infrastructure collects

This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.2.1, 1.3.0, 1.4.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters