All Apps and Add-ons

Splunk Enterprise 7.0.1 Add-on for Google Cloud Platform is there a way to get data ?

swdowiarz
Path Finder

Hi

I'm using now splunk Enterprise 7.0.1. Right now I'm quite new to it that's why i'm asking. Is there a way to get data(logs etc.) from Google Cloud Platform with this version ? Or I have to get version 6.5 and install the add ? I'll be really grateful for every answer.

0 Karma

amarrazzo
Engager

One potential option for you would be to install Splunk Enterprise 6.5 on a second box, and set it up to act as a heavy forwarder. This being, a full Splunk Enterprise instance, whose purpose is to pull in data, such as by the GCP add-on, (and other apps, such as DBConnect), and forward it on to other Splunk instances in your environment.

I'm not certain from your question as to what your Splunk environment looks like, but even if you were just using an "all in one" instance, you could configure data inputs on that instance to receive forwarded data, and then configure the second instance to output data to your all in one box-more info on what that process looks like can be found here:
http://docs.splunk.com/Documentation/Splunk/7.0.1/Forwarding/Aboutforwardingandreceivingdata

Otherwise, if you have a distributed deployment (separate instances for search heads and indexers), you could simply point this new heavy forwarder to output data to your indexing tier. In either case, it would allow you to install the add-on on the last known supported version of Splunk Enterprise.

.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!