Getting Data In

What is the relationship between Splunk Enterprise and the Universal Forwarder?

New Member

I want to know the two relations between the universal forwarder and Splunk Enterprise.

0 Karma
1 Solution

SplunkTrust
SplunkTrust

Splunk Enterprise is data store for server logs and other machine data. It receives data from various sources, indexes it, stores it, and provides a UI that allows users to search that data and produce reports.

The Universal Forwarder is essentially a Splunk "agent". It resides on monitored servers where it collects data and passes it on (forwards it) to Splunk Enterprise for storage.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

Ultra Champion
0 Karma

SplunkTrust
SplunkTrust

Splunk Enterprise is data store for server logs and other machine data. It receives data from various sources, indexes it, stores it, and provides a UI that allows users to search that data and produce reports.

The Universal Forwarder is essentially a Splunk "agent". It resides on monitored servers where it collects data and passes it on (forwards it) to Splunk Enterprise for storage.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post