Solved: Difference between Splunk app and splunk add-on an...

gsrikanth87 · ‎01-08-2015

As per my understanding we install Splunk app on serverside, Splunk universal forwarder is client-side, then what is a Splunk add-on?

kml_uvce · ‎01-08-2015

yes , if your definition of client and server side like this
client side is your source of data/system
serverside is your indexer

kamal singh bisht

View solution in original post

kml_uvce · ‎01-08-2015

yes , if your definition of client and server side like this
client side is your source of data/system
serverside is your indexer

kamal singh bisht

gsrikanth87 · ‎01-08-2015

oh, Thank you. Do we have any video link for splunk configuration for unix/linux servers monitoring?

kml_uvce · ‎01-08-2015

universal forwarder : it is used to send data from source to indexer
Splunk app: you need to install in indexer or search head and shows you report, visualization
splunk addon:you need to install splunk add-on in forwarder and addon extract the data from source (example run scripts in unix addon) v and send to indexer via forwarder

kamal singh bisht

gsrikanth87 · ‎01-08-2015

Thank you.. But I want to understand that where we install splunk app and splunk fowarder?

splunk app - server side
splunk universal forwarder- client side with addon

Is this correct?

Difference between Splunk app and splunk add-on and universal forwarder?

add-on

app

universal forwarder

Fun with Regular Expression - multiples of nine

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

What’s New & Next in Splunk SOAR

Are you a member of the Splunk Community?

Difference between Splunk app and splunk add-on and universal forwarder?

add-on

app

universal forwarder

Fun with Regular Expression - multiples of nine

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

What’s New & Next in Splunk SOAR