Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Capturing CPU and Memory in remote Windows servers from a Linux -Splunk server.

dannux
Path Finder
‎01-30-2012 11:44 AM

I have Splunk installed on a Linux server. It is indexing CPU and Memory usage for many Unix server. How can I capture CPU and MeM usage for Windows servers?

Thanks,
Dan

Tags (4)
Reply

lakshman239
Influencer
‎01-17-2017 05:00 AM

Hi, do we still have the scaling issues with WMI in the latest Splunk Add on for windows?

0 Karma
Reply

sf-mike
Splunk Employee
Splunk Employee
‎01-30-2012 02:56 PM

To build upon the above answer:

The Windows app will do this but does not use Perfmon. You install the app on your Linux box and also on a Windows forwarder.

To gather the data from Windows, You'll need to install the app on the Windows forwarder. The better way is to install the forwarder on each Windows host because of scaling issues inherent with WMI. If you do decide to use WMI, then you'll need at least 1 forwarder installed on a Windows host. Typically this would be done in an AD domain. The forwarder must be installed using AD credentials that can access all the hosts in the domain.

See this article:

http://docs.splunk.com/Documentation/Splunk/4.3/Data/MonitorWMIdata

0 Karma
Reply

hexx
Splunk Employee
Splunk Employee
‎01-30-2012 12:01 PM

I strongly recommend that you read this documentation topic on Real-time Windows performance monitoring. There's two approaches to this :

You cannot collect this kind of data remotely from a Linux indexer or forwarder.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

    Are you ready to transform how your team handles complex data requests? We invite you to our upcoming ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...