About the Splunk Add-on for Windows
Important |
---|
On July 14, 2015, Splunk will deprecate support for the Splunk Add-on for Windows on Windows Server 2003 systems.
At that time:
|
The Splunk Add-on for Windows provides data inputs for Windows management. You can monitor, manage, and troubleshoot Windows operating systems from one place. Included are a set of file, event log, performance monitoring, and other inputs for collecting CPU, disk, I/O, memory, log, configuration, and user data.
You can install the Splunk Add-on for Windows on a forwarder to send data from any number of Windows machines to a central Splunk indexer running the full app. You can also use the TA on your indexer or search head to provide Windows data and knowledge for other apps.
The Splunk Add-on for Windows was last updated on Tuesday, March 31, 2015.
How does it work?
The Splunk Add-on for Windows runs on top of a Splunk search head, indexer or forwarder that runs Windows and gathers various system metrics using a number of data inputs. These include but are not limited to:
- Hardware information such as CPU type and count; available hard drives; network interface cards, count, and memory, as well as CPU statistics (via performance monitoring inputs).
- Disk information such as available disk space and associated input/output statistics for devices and partitions (via performance monitoring inputs).
- Network information including information about the configured network interfaces, connections, and TCP/UDP transfer statistics (using performance monitoring inputs).
- User statistics including number of logins per account, longest active sesions, and security-related information.
How do I get it?
Download the Splunk Add-on for Windows from Splunkbase.
New to Splunk? |
This documentation applies to the following versions of Splunk® Add-on for Windows: 4.7.5
Feedback submitted, thanks!