Solved: Compatibility between forward linux server 32 bit ...

vn0qhul · ‎10-09-2019

¿Is there an incompatibility problem between the Linux 32 bit agent version (splunkforwarder-6.6.12-ff1b28d42e4c-Linux-i686) and the indexer version (7.2.6 Splunk Enterprise)? or are they fully compatible?.

I need to read logs from a 32 bit linux server, the indexer I have is splunk enterprise version 7.2.6, ¿what version of forwarder should I use?.

mstephenson716 · ‎10-09-2019

It looks like these versions are partially compatible, in that event data should be forward-able.

Here is a compatibility matrix for the versions you mentioned.
https://docs.splunk.com/Documentation/Forwarder/7.3.2/Forwarder/Compatibilitybetweenforwardersandind...

And a list of known issues for the forwarder version you mentioned.
https://docs.splunk.com/Documentation/Forwarder/6.6.12/Forwarder/KnownIssues

View solution in original post

mstephenson716 · ‎10-09-2019

It looks like these versions are partially compatible, in that event data should be forward-able.

Here is a compatibility matrix for the versions you mentioned.
https://docs.splunk.com/Documentation/Forwarder/7.3.2/Forwarder/Compatibilitybetweenforwardersandind...

And a list of known issues for the forwarder version you mentioned.
https://docs.splunk.com/Documentation/Forwarder/6.6.12/Forwarder/KnownIssues

vn0qhul · ‎10-10-2019

Hello mstephenson716

thanks for your time and for the information.

regards.

Compatibility between forward linux server 32 bit and indexer version 7.2.6

Get More Out of Your Security Practice With a SIEM

New This Month - SLO Capabilities, APM Advanced Filtering & Usage Analytics Plus ...

Enterprise Security Content Update (ESCU) | New Releases