Introduction for Windows admins
This is the Getting started chapter for Windows Administrators. If you're looking for information on Splunk for Windows, you've come to the right place.
What's the purpose of this chapter?
Splunk is a powerful, effective tool for Windows administrators to resolve problems that occur on their Windows networks. Its out-of-the-box feature set positions it to be the secret weapon in the Windows administrator's toolbox. The ability to add apps that augment its functionality makes it even more extensible. And it has a growing, thriving community of users.
This page is written with this group of users in mind. It's intended to be a central resource for Windows administrators to refer to in order to get the most out of Splunk. It provides documentation and links on how to install, evaluate, deploy, maintain and troubleshoot Splunk on Windows. This makes it easier for Windows customers to consult specific reference and procedures about how to implement and customize their Splunk on Windows experience.
How to use this chapter
This chapter has topics that will help you experiment with, learn, deploy, and get the most out of Splunk. The topics reference other material in the Splunk documentation that is of interest to Windows administrators.
Try Splunk out explains how to evaluate Splunk. In this chapter, you learn what Splunk is. You also learn how to install it and what system requirements need to be met before doing so. This topic is for anyone who does not have any experience with Splunk on Windows, and for beginners who want to evaluate the product.
Learn what Splunk does describes Splunk's capabilities. It provides links to several areas of the documentation that explain in detail how to index, search, report and alert on data coming into Splunk. In this topic, you learn how it works on the Windows platform, and what Windows components Splunk is capable of monitoring. This topic is for administrators who want to understand the inner workings of Splunk.
Integrate Splunk into your enterprise provides guidance on how to add Splunk to an existing Windows network, or incorporate it into a new one. It's meant for senior administrators or IT directors. Included in this topic are high-level planning scenarios for Splunk integration as well as various step-by-step procedures on how to incorporate Splunk into systems and networks.
Get the most out of Splunk caters to administrators or managers who have already integrated Splunk into their environments and need reference or tips on keeping Splunk running. It provides tips on how to troubleshoot Windows-specific problems that occur throughout the course of its operation.
Depending on your circumstances and experience level, you can read through one or more of these topics at your leisure. You can do this in sequence, or go directly to the topic that best suits your needs. Later, you can use this topic as a point of reference, if needed.
Those new to Splunk on Windows should read this chapter from beginning to end. If you already know how to use Splunk and just want technical or reference information, the later topics are more appropriate for your needs.
If you need help
If you are looking for in-depth Splunk knowledge, a number of education programs are available.
When you get stuck, Splunk has a large free support infrastructure that can help:
- Splunk Answers.
- The Splunk Community Wiki.
- The Splunk Internet Relay Chat (IRC) channel (EFNet #splunk). (IRC client required)
If you still don't have an answer to your question, you can get in touch with Splunk's support team. The Support Contact page tells you how to do that.
Note: Levels of support above the community level require an Enterprise license. To get one, you'll need to speak with the Sales team.
Thanks for reading!
Use Splunk Web with a proxy server
Try Splunk out
This documentation applies to the following versions of Splunk® Enterprise: 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 5.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.10, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 5.0.16, 5.0.17, 5.0.18