How this add-on fits into the Splunk picture
The Splunk Add-on for Windows is one of a variety of apps and add-ons available within the Splunk Enterprise ecosystem. All Splunk apps and add-ons run on top of a core Splunk Enterprise installation. You install Splunk Enterprise first, and then install the Splunk Add-on for Windows.
Sample layout
The following diagram depicts an example of the use of the Splunk Add-on for Windows:
This diagram shows a typical deployment for the Splunk App for Windows Infrastructure, which uses the Splunk Add-on for Windows heavily. In this diagram, we have highlighted the places where you install the Splunk Add-on for Windows in light blue.
In many cases, the add-on collects Windows information from Windows hosts. In some other cases, such as on the indexer, the add-on provides data models and field extractions for the Splunk App for Windows Infrastructure and other Splunk apps. In others, it combines with other add-ons such as the Splunk Supporting Add-on for Active Directory to provide additional knowledge objects.
Learn more about Splunk and Splunk apps
- For details about apps and add-ons, refer to "What are apps and add-ons?" in the Splunk Enterprise documentation.
- To download Splunk, visit the download page on splunk.com.
- To get more apps and add-ons, visit Splunk Apps.
| New to Splunk? | How to get support and find more information about Splunk |
This documentation applies to the following versions of Splunk® Add-on for Windows: 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.8.0, 4.8.1, 4.8.2, 4.8.3, 4.8.4
Download manual
Feedback submitted, thanks!