- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Can I use Splunk App for Windows Infrastructure wi...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good Morning
Not sure if this is an answerable question.
I am investigating using the Splunkbase "Splunk App for Windows Infrastructure" to gather resource information from our servers for management purposes. I like the interface and it is very informative for us.
The one issue I have is we cannot connect our Splunk deployment to AD (Active Directory) because it is a managed solution exterior to our organization. We have access to our servers as needed, but the support infrastructure behind the servers is outside of our purview.
That said, is there a way to edit the "Splunk App for Windows Infrastructure" so that the server information (names, etc.) is not extracted from AD, but maybe from a file?
I am fairly new to Splunk so this is a bit of a learning curve.
Thank you,
Dan
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, it is possible to use the app "Splunk App for Windows Infrastructure" without AD access. The app covers a wide range of data collection of which AD is just one type of data. The dashboards will just be empty for those items you do not collect data from.
The app itself does not collect data, for that you need the Splunk Add-on for Windows (https://splunkbase.splunk.com/app/742/). This app contains all the data collection options and you need to determine which are enabled or disabled. I believe these are all disabled by default - so you need to specifically decide which to enable.
The Add-One for windows would be installed on all the servers that you need to collect data from (deployed within a Splunk forwarder if collecting from hosts other than the Splunk server) and the Splunk App for Windows Infrastructure is installed on the Splunk server only. The app provides the data processing logic and dashboards, while the add-on simply collects the data.
You can think of these apps as a starter-pack to show what can be collected and how the data can be presented in Shell - but can be quite daunting with such a wide range of possible data sources. I tend to use my own data collection apps based to keep the collection configurations simple and easier to maintain. For example if you want to collect Windows event logs - the process is covered here - https://docs.splunk.com/Documentation/Splunk/8.0.3/Data/MonitorWindowseventlogdata
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, it is possible to use the app "Splunk App for Windows Infrastructure" without AD access. The app covers a wide range of data collection of which AD is just one type of data. The dashboards will just be empty for those items you do not collect data from.
The app itself does not collect data, for that you need the Splunk Add-on for Windows (https://splunkbase.splunk.com/app/742/). This app contains all the data collection options and you need to determine which are enabled or disabled. I believe these are all disabled by default - so you need to specifically decide which to enable.
The Add-One for windows would be installed on all the servers that you need to collect data from (deployed within a Splunk forwarder if collecting from hosts other than the Splunk server) and the Splunk App for Windows Infrastructure is installed on the Splunk server only. The app provides the data processing logic and dashboards, while the add-on simply collects the data.
You can think of these apps as a starter-pack to show what can be collected and how the data can be presented in Shell - but can be quite daunting with such a wide range of possible data sources. I tend to use my own data collection apps based to keep the collection configurations simple and easier to maintain. For example if you want to collect Windows event logs - the process is covered here - https://docs.splunk.com/Documentation/Splunk/8.0.3/Data/MonitorWindowseventlogdata
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
Adoption of RUM and APM at Splunk
