All Apps and Add-ons

SolarWinds Add-on for Splunk

sh_tavousi
Explorer

I want to know where should we install "SolarWinds Add-on Splunk", I mean on deployment server, search head or indexers? Also I want to know if this Add-on can get logs like when they are sent from syslog server.

Labels (1)
Tags (1)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

Like most TAs, it should be installed on indexers so index-time properties and transforms can be used.  It should also be installed on search heads so search-time properties can be used.  Do NOT enable inputs in either instance type.

To use the inputs feature of the app, install it on a heavy forwarder.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Like most TAs, it should be installed on indexers so index-time properties and transforms can be used.  It should also be installed on search heads so search-time properties can be used.  Do NOT enable inputs in either instance type.

To use the inputs feature of the app, install it on a heavy forwarder.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...