Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Confused about Splunk App for Windows
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've been using Splunk for several years now. I have forwarders installed on Linux, AIX, and Solaris. Never had an issue.
I recently installed a universal forwarder on my first-ever Windows server. And it forwards its WinEvent/Perfmon data to my Linux-based Indexer without any issue. I haven't installed any additional TAs on the forwarder (yet). It just ran with whatever the Forwarder came with.
Where I'm confused is how I get the App with the UI/Dashboards running on my Linux-based Splunk instance. Reading the documentation, I get the impression it only works on a Windows-based Indexer. I've looked around on these forums and people running their indexer on Linux seem to have similar confusions and mixed results.
I refer to this doc: http://docs.splunk.com/Documentation/WindowsApp/latest/User/HowtodeploytheSplunkAppforWindows
Which says that I only need to install the TA on the Linux indexer. But will that provide me with the UI/Dashboards? From the description, it doesn't sound like it.
There are many posts on here regarding the Windows App, but I can't find a clear answer to this. Will the Splunk App for Windows run on a Linux indexer or not? If not, am I out of luck with getting the Dashboard?
Thank you very much in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
"You can also install the Splunk App for Windows on a non-Windows Splunk instance to display Windows data coming from external sources, such as universal forwarders that run the Splunk Technology Add-on (TA) for Windows."
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
"You can also install the Splunk App for Windows on a non-Windows Splunk instance to display Windows data coming from external sources, such as universal forwarders that run the Splunk Technology Add-on (TA) for Windows."
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Somehow I missed that. Thank you! 🙂
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)
Automating Threat Operations and Threat Hunting with Recorded Future
