- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Splunk v5 Forwarder
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does anybody know, or could advise whether v5 can be used as a heavy forwarder to a 4.3 back end please? I did read the doco, promise...including p11 on known issues. The v5 installed ok on a Linux box including the usual suspects re accepting the T's & C's. The service is running ok. The Indexer is Windows based, all 64 bit.
Thanks guys.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forget that last guys, just Wiresharked it...it was my network. Level 2 Dave, Level 2...gah.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes. Any Forwarder of 4.2+ can be used to send to a 4.2+ indexer, so a 5.x Heavy Forwarder can send to a 4.3 Indexer.
From the Splunk doc:
4.2+/5.0+ forwarders (universal/light/heavy) are backwards compatible down to 4.2+ indexers. For example, a 4.3 forwarder can send data to a 4.2 indexer but not to a 4.1 indexer.
Pre-4.2 forwarders are backwards compatible down to 4.0 indexers.
All indexers are backwards compatible with any forwarder and can receive data from any earlier version forwarder. For example, a 4.2 indexer can receive data from a 4.1 forwarder.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forget that last guys, just Wiresharked it...it was my network. Level 2 Dave, Level 2...gah.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Someone downvoted your answer on your question, I upvoted it again to return the balance to 0 🙂 If someone genuinely answers a question or explains the cause then regardless of if someone did it by mistake, you can't downvote it as a bad answer... because its the answer! Anyway, rant over, nothing to see here...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Damn ...did I down vote something Drainy?! Was it me? I shouldn't feel qualified to have an opinion on this. I've been using a Kindle Fire recently to access the SplunkBase if away from a desktop, and have to say it has yielded some 'unpredictable results'! I know...don't blame the technology 😉
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why on earth would you downvote an answer someone posts which explains the solution to their problem? Glad you got it sorted
Routing logs with Splunk OTel Collector for Kubernetes
Welcome to the Splunk Community!
Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM
