How to install splunk app for linux without instal...

sabaKhadivi · ‎04-13-2019

Can I use splunk app for linux without installing universal forwarder on each linux host I need their logs?

pgelnar_hci · ‎04-15-2019

you can use forwarding from syslog (rsyslog, syslogng etc) or as named above. i prefer fluentbit

woodcock · ‎04-15-2019

The app is useless without the logs but certainly there are may ways to get them in. You can use the UF, snare, fluentd, to name just a few tools.

gjanders · ‎04-14-2019

If you are referring to Splunk Add-on for Linux then you could read the documentation around this for example configure collectd to send data

If you are using collectd on the remote machines you would not need a universal forwarder on each Linux machine.

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

How to install splunk app for linux without installing the universal forwarder?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Keep the Learning Going with the New Best of .conf Hub

Join the Conversation