Getting Data In

What is the relationship between Splunk Enterprise and the Universal Forwarder?

kataoka
New Member

I want to know the two relations between the universal forwarder and Splunk Enterprise.

0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

Splunk Enterprise is data store for server logs and other machine data. It receives data from various sources, indexes it, stores it, and provides a UI that allows users to search that data and produce reports.

The Universal Forwarder is essentially a Splunk "agent". It resides on monitored servers where it collects data and passes it on (forwards it) to Splunk Enterprise for storage.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

ddrillic
Ultra Champion
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Splunk Enterprise is data store for server logs and other machine data. It receives data from various sources, indexes it, stores it, and provides a UI that allows users to search that data and produce reports.

The Universal Forwarder is essentially a Splunk "agent". It resides on monitored servers where it collects data and passes it on (forwards it) to Splunk Enterprise for storage.

---
If this reply helps you, an upvote would be appreciated.
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:





Or Learn More in Our Blog >>