i am new to splunk and i would like to know how i can make use of splunk cloud. i understand that the splunk cloud is nothing but splunk infrastructure managed by you and all i need to do is to configure the metrics alone. is it right?
Splunk cloud provides you an app that you need to put on all forwarders you want sending data to Splunk Cloud. Port information would be specified in that app.
Splunk Cloud does not provide a deployment server, if you want one you would have to set it up yourself, but it would be a good way to distribute the aforementioned app.
If you want to use a deployment server to distribute the app from Splunk cloud, to your forwarders then you need to set it up. As you're having Splunk Cloud monitor everything else, installing the app on the deployment server is an option as well. Now you don't actually need a deployment server, the purpose it serves is to push out configuration to forwarders. If you have other forms of automation and configuration management those could be used to serve the same purpose. This is getting into how to best architect and deploy Splunk in your environment which to sufficiently answer means going through a large number of variables and trade offs which isn't easy on a community site. Your sales engineer could likely help some but to answer in depth for production I would recommend Splunk's professional services.
If however you're just trying things out (with a cloud sandbox for example) don't worry about a deployment server for now and just manually install the forwarder app. (Last time I played with the sandbox, there were instructions on how to do this where you downloaded the forwarder app)
so i can monitor all my servers both in cloud and also on-premises? what ports should be opened for on-premises and i just tried installing universal forwarder and what should be given as deployment server in case of splunk cloud
Splunk Cloud offers the features of Splunk Enterprise as a cloud service. You can use Splunk Cloud alone or with on-premises Splunk Enterprise software as a hybrid solution.
Splunk Cloud offers all the features of the award-winning platform Splunk® Enterprise as a cloud service. The platform provides access to applications such as Splunk Enterprise Application Security and Application Splunk for AWS, and provides centralized visibility into cloud, hybrid and local environments.
for more informations, following this link: