#Random
This is a place to discuss all things outside of Splunk, its products, and its use cases.

easy home lab directions

cjsweeney1
Explorer

Hi looking to renew my power user cert from 6.x to 7.3.1 and looks like the course wants an installation of Splunk which i've loaded.... my question is can the forwarder be on the same PC and the enterprise server? Not how you'll see it in the real world but looking to keep this simple to knock out and i'll spin up some VM's when i get to the admin level courses...

Tags (1)
0 Karma

marycordova
SplunkTrust
SplunkTrust

This is what I would do:

  1. Host OS Windows with Splunk Enterprise installed and local Windows event logs collected (can configure easy from the UI)
  2. Guest OS *nix with Universal Forwarder installed and *nix TA setup to collect local logs and forward them to the enterprise install on the host

You can vary this if you prefer a Host on Mac or *nix you can put Windows on the VM. Here is a link to create free Windows 10 installations: https://www.microsoft.com/en-us/software-download/windows10

This setup also supports playing around with Deployment Server since you have a forwarder you can manage "remotely".

@marycordova
0 Karma
Get Updates on the Splunk Community!

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...