#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

easy home lab directions

cjsweeney1
Explorer
‎08-12-2019 02:16 PM

Hi looking to renew my power user cert from 6.x to 7.3.1 and looks like the course wants an installation of Splunk which i've loaded.... my question is can the forwarder be on the same PC and the enterprise server? Not how you'll see it in the real world but looking to keep this simple to knock out and i'll spin up some VM's when i get to the admin level courses...

Tags (1)
0 Karma
Reply

marycordova
SplunkTrust
SplunkTrust
‎08-12-2019 03:08 PM

This is what I would do:

  1. Host OS Windows with Splunk Enterprise installed and local Windows event logs collected (can configure easy from the UI)
  2. Guest OS *nix with Universal Forwarder installed and *nix TA setup to collect local logs and forward them to the enterprise install on the host

You can vary this if you prefer a Host on Mac or *nix you can put Windows on the VM. Here is a link to create free Windows 10 installations: https://www.microsoft.com/en-us/software-download/windows10

This setup also supports playing around with Deployment Server since you have a forwarder you can manage "remotely".

@marycordova
0 Karma
Reply
Get Updates on the Splunk Community!

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...