Installation

Difference between Splunk app and splunk add-on and universal forwarder?

gsrikanth87
Path Finder

As per my understanding we install Splunk app on serverside, Splunk universal forwarder is client-side, then what is a Splunk add-on?

Labels (3)
1 Solution

kml_uvce
Builder

yes , if your definition of client and server side like this
client side is your source of data/system
serverside is your indexer

View solution in original post

kml_uvce
Builder

yes , if your definition of client and server side like this
client side is your source of data/system
serverside is your indexer

gsrikanth87
Path Finder

oh, Thank you. Do we have any video link for splunk configuration for unix/linux servers monitoring?

0 Karma

kml_uvce
Builder

universal forwarder : it is used to send data from source to indexer
Splunk app: you need to install in indexer or search head and shows you report, visualization
splunk addon:you need to install splunk add-on in forwarder and addon extract the data from source (example run scripts in unix addon) v and send to indexer via forwarder

0 Karma

gsrikanth87
Path Finder

Thank you.. But I want to understand that where we install splunk app and splunk fowarder?

splunk app - server side
splunk universal forwarder- client side with addon

Is this correct?

0 Karma
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...

Federated Search for Amazon S3 | Key Use Cases to Streamline Compliance Workflows

Modern business operations are supported by data compliance. As regulations evolve, organizations must ...