https://community.splunk.com/t5/Splunk-Enterprise-Security/ESS-TA-and-other-TA/m-p/61427#M143 <P>Generally, you should prefer the TA's that ship with ES versus ones obtained elsewhere because many of the other TAs do not support the Common Information Model (CIM); the Unix TA that ships with ES conforms to the CIM.</P> <P>Regarding DAs, SAs, and TAs: a description of the various apps included in ES are <A href="http://docs.splunk.com/Documentation/ES/latest/Install/ESArchitecture">detailed in the docs</A>.</P> Thu, 12 Sep 2013 17:12:24 GMT LukeMurphey 2013-09-12T17:12:24Z https://community.splunk.com/t5/Splunk-Enterprise-Security/ESS-TA-and-other-TA/m-p/61426#M142 <P>Hi expert:</P> <P>I'm studying ESS.<BR /> There are 3 Add-ons in ESS, Domain Add-ons, Supporting Add-ons and Technology Add-ons.<BR /> I have been monitor my Redhat OS in splunk. Forward and TA for Unix have been installed on my host.</P> <P>So, what is the different between ESS TA and TA for Unix? Should I install both of them on my Unix host?</P> Thu, 12 Sep 2013 07:18:49 GMT https://community.splunk.com/t5/Splunk-Enterprise-Security/ESS-TA-and-other-TA/m-p/61426#M142 xuanyun 2013-09-12T07:18:49Z https://community.splunk.com/t5/Splunk-Enterprise-Security/ESS-TA-and-other-TA/m-p/61427#M143 <P>Generally, you should prefer the TA's that ship with ES versus ones obtained elsewhere because many of the other TAs do not support the Common Information Model (CIM); the Unix TA that ships with ES conforms to the CIM.</P> <P>Regarding DAs, SAs, and TAs: a description of the various apps included in ES are <A href="http://docs.splunk.com/Documentation/ES/latest/Install/ESArchitecture">detailed in the docs</A>.</P> Thu, 12 Sep 2013 17:12:24 GMT https://community.splunk.com/t5/Splunk-Enterprise-Security/ESS-TA-and-other-TA/m-p/61427#M143 LukeMurphey 2013-09-12T17:12:24Z