Splunk® App for Windows Infrastructure (Legacy)

Deploy and Use the Splunk App for Windows Infrastructure

Acrobat logo Download manual as PDF


On October 20, 2021, the Splunk App for Windows Infrastructure will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Windows Dashboards and Reports.
Acrobat logo Download topic as PDF

About the Splunk App for Windows Infrastructure

Overview

The Splunk App for Windows Infrastructure gives you deep visibility into the health and performance of your Microsoft Windows Server and Active Directory environments.

It includes components that let you monitor system, server, network, and printer availability. It includes modules which allow you to monitor other aspects of your Windows network, including:

  • Microsoft Windows Server (through the separately available Splunk Add-on for Windows)
  • Microsoft Windows Server Active Directory (through the included Splunk Supporting Add-on for Microsoft Windows Active Directory suite)

Use the Splunk App for Windows Infrastructure to:

  • Identify infrastructure problems, such as non-running services and load issues
  • Monitor the performance of all servers throughout your Windows environment
  • Monitor security events, such as virus outbreaks and anomalous logons
  • Track administrative changes to the environment
  • Plan for capacity expansion

Important: Read and understand the Splunk App for Windows Infrastructure's platform and hardware requirements before downloading and attempting to install the app. Also, learn what data the app collects.

If you're using TA-Windows version 6.0.0 or later, you don't need TA_AD and TA_DNS. TA_AD and TA_DNS are merged with TA-Windows version 6.0.0.

How does it work?

Splunk universal forwarders gather logs and performance metrics from the following components of your Microsoft Windows deployment:

  • Windows Server (via the Splunk Add-on for Windows)
  • Active Directory

Splunk Universal forwarders then send them to a central Splunk instance that runs Splunk App for Windows Infrastructure. The app provides reports and dashboards that allow you to review the status of your Windows services.

If you're using TA-Windows version 6.0.0 or later, you don't need TA_AD and TA_DNS. TA_AD and TA_DNS are merged with TA-Windows version 6.0.0.

How do I get it?

Download the Splunk App for Windows Infrastructure from Splunkbase.

How do I install it?

The Splunk App for Windows Infrastructure has a revamped installation procedure. See "How to deploy the Splunk App for Windows Infrastructure" to read about it.

How do I upgrade from a previous version?

If you already run a previous version of the Splunk App for Windows Infrastructure, you can follow the upgrade instructions.

For information on what's new, as well as any known issues in this version, review the release notes.

Last modified on 17 October, 2019
  NEXT
New to Splunk?

This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters