Getting Data In
Highlighted

What is the relationship between Splunk Enterprise and the Universal Forwarder?

New Member

I want to know the two relations between the universal forwarder and Splunk Enterprise.

0 Karma
Highlighted

Re: What is the relationship between Splunk Enterprise and the Universal Forwarder?

SplunkTrust
SplunkTrust

Splunk Enterprise is data store for server logs and other machine data. It receives data from various sources, indexes it, stores it, and provides a UI that allows users to search that data and produce reports.

The Universal Forwarder is essentially a Splunk "agent". It resides on monitored servers where it collects data and passes it on (forwards it) to Splunk Enterprise for storage.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

Highlighted

Re: What is the relationship between Splunk Enterprise and the Universal Forwarder?

Ultra Champion
0 Karma