Splunk® App for Windows Infrastructure (Legacy)

Deploy and Use the Splunk App for Windows Infrastructure

On October 20, 2021, the Splunk App for Windows Infrastructure will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Windows Dashboards and Reports.
This documentation does not apply to the most recent version of Splunk® App for Windows Infrastructure (Legacy). For documentation on the most recent version, go to the latest release.

Download and configure the Splunk Add-ons for Windows DNS

This topic discusses how to download and configure the Splunk Add-ons for Windows DNS and deploy them to your deployment clients so that they forward DNS information to the Splunk App for Windows Infrastructure indexer.

The Splunk App for Windows Infrastructure download package comes with a suite of add-ons that collect DNS data (as well as other data types.) When you deploy the add-ons to your DNS server deployment clients, the clients collect DNS data and forward it to the central Splunk App for Windows Infrastructure indexer.

More information about the DNS add-ons

The following table lists the DNS add-ons that come with the Splunk App for Windows Infrastructure, and what each add-on provides.

Add-on Description
TA-DNSServer-NT5 For DNS Servers that run Windows Server 2003/2003 R2 and earlier
TA-DNSServer-NT6 For DNS Servers that run Windows Server 2008/2008 R2 and later

The add-ons reside in the \appserver\addons directory in the app installation package.

Download the Splunk Add-ons for Windows DNS

Like the Splunk Add-ons for Active Directory, the Splunk Add-ons for Windows DNS come with the Splunk App for Windows Infrastructure installation package.

If you have already completed the "Get Active Directory" portion of setup, you already have the Splunk App for Windows Infrastructure installation package and can skip this section.

Otherwise, you can download the Splunk App for Windows Infrastructure from Splunk Apps.

Download the app and save it to an accessible place on the deployment server:

1. In a web browser, proceed to the Splunk App for Windows Infrastructure download page.

2. Click the download link to begin the download process.

  • Make sure you download the latest version of the app.
  • You might need to sign in with your Splunk account before the download starts.

3. When prompted, choose an accessible location on your deployment server to save the download. Do not attempt to run the download.

4. Use an archive utility such as WinZip to unarchive the file to an accessible location.

Configure the Splunk Add-ons for Windows DNS

The Splunk Add-ons for Windows DNS do not require any configuration edits by default. When you deploy them onto the DNS servers, they immediately begin collecting data as long as you have configured DNS debug logging.

What's next?

You have downloaded the Splunk App for Windows Infrastructure and can now access the Splunk Add-ons for Window DNS. The next step involves deploying those add-ons into the deployment clients that you install on your Active Directory DNS servers.

Last modified on 16 May, 2016
Configure Windows Domain Name Server   Confirm and troubleshoot DNS data collection

This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.2.0, 1.2.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters