#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

easy home lab directions

cjsweeney1
Explorer
‎08-12-2019 02:16 PM

Hi looking to renew my power user cert from 6.x to 7.3.1 and looks like the course wants an installation of Splunk which i've loaded.... my question is can the forwarder be on the same PC and the enterprise server? Not how you'll see it in the real world but looking to keep this simple to knock out and i'll spin up some VM's when i get to the admin level courses...

Tags (1)
0 Karma
Reply

marycordova
SplunkTrust
SplunkTrust
‎08-12-2019 03:08 PM

This is what I would do:

  1. Host OS Windows with Splunk Enterprise installed and local Windows event logs collected (can configure easy from the UI)
  2. Guest OS *nix with Universal Forwarder installed and *nix TA setup to collect local logs and forward them to the enterprise install on the host

You can vary this if you prefer a Host on Mac or *nix you can put Windows on the VM. Here is a link to create free Windows 10 installations: https://www.microsoft.com/en-us/software-download/windows10

This setup also supports playing around with Deployment Server since you have a forwarder you can manage "remotely".

@marycordova
0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study: How LSU’s Student-Powered SOCs and Splunk Are Shaping the Future of ...

Louisiana State University (LSU) is shaping the next generation of cybersecurity professionals through its ...

Splunk and Fraud

Join us on November 13 at 11 am PT / 2 pm ET!Join us for an insightful webinar where we delve into the ...

Build Your First SPL2 App!

Watch the recording now!.Do you want to SPL™, too? SPL2, Splunk's next-generation data search and preparation ...