Splunk® Add-on for Windows

Deploy and Use the Splunk Add-on for Windows

This documentation does not apply to the most recent version of Splunk® Add-on for Windows. For documentation on the most recent version, go to the latest release.

About the Splunk Add-on for Windows

The Splunk Add-on for Windows provides data inputs for Windows management. You can monitor, manage, and troubleshoot Windows operating systems from one place. Included are a set of file, event log, performance monitoring, and other inputs for collecting CPU, disk, I/O, memory, log, configuration, and user data.

You can install the Splunk Add-on for Windows on a forwarder to send data from any number of Windows machines to a central Splunk indexer running the full app. You can also use the TA on your indexer or search head to provide Windows data and knowledge for other apps.

The Splunk Add-on for Windows was last updated on Monday, September 14, 2015.

How does it work?

The Splunk Add-on for Windows runs on top of a Splunk search head, indexer or forwarder that runs Windows and gathers various system metrics using a number of data inputs. These include but are not limited to:

  • Hardware information such as CPU type and count; available hard drives; network interface cards, count, and memory, as well as CPU statistics (via performance monitoring inputs).
  • Disk information such as available disk space and associated input/output statistics for devices and partitions (via performance monitoring inputs).
  • Network information including information about the configured network interfaces, connections, and TCP/UDP transfer statistics (using performance monitoring inputs).
  • User statistics including number of logins per account, longest active sesions, and security-related information.

How do I get it?

Download the Splunk Add-on for Windows from Splunkbase.

Last modified on 14 December, 2015
  New to Splunk?

This documentation applies to the following versions of Splunk® Add-on for Windows: 4.8.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters