Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to get data/logs from a Web or application server and do search and reporting from my machine?

sathishsathiyam
New Member
‎08-28-2016 11:43 PM

I wanted to index logs from Web/application server and do all the search, report, alert from my machine. How this can be done? Either i need to install a Splunk instance where the server is placed or how to get connected.

0 Karma
Reply

renjith_nair
SplunkTrust
SplunkTrust
‎08-29-2016 07:07 AM

You need a forwarder to forward the data from applicaion server, an indexer to store the data and a search head to search it. All can be in a single machine or in three different machines or in a cluster.

It's difficult to provide a short answer. You have to decide and design your splunk deployment based on what you want to ingest , how and how much

Start from here.
http://docs.splunk.com/Documentation/Splunk/6.4.3/Capacity/ComponentsofaSplunkEnterprisedeployment
http://docs.splunk.com/Documentation/Splunk/6.4.3/Capacity/DimensionsofaSplunkEnterprisedeployment
http://docs.splunk.com/Documentation/Splunk/6.1.3/Installation/CapacityplanningforalargerSplunkdeplo...

Happy Splunking!
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...