Splunk Enterprise Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Cloud Hybrid Infrastructure

kruane
Explorer
‎06-13-2024 12:18 PM

So I have Splunk Cloud, but we still use a Heavy Forwarder, Universal Forwarder and a Deployment server. The UF server has definitely come into hand for grabbing local data. However, I'm not sure what the Deployment server is for. We do use the Heavy Forwarder for various things. 

Does anyone have documentation of what is necessary and what is a nicety? And do they have knowledge on the specs needed? 

Labels (3)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-13-2024 06:22 PM

Strictly speaking, none of it is necessary, but it does make it easier to get data into Splunk.  😃

You already use the UF and HF so you must have found them necessary for doing certain things.  There may be other ways to do those things, but don't fix what isn't broken.

The Deployment Server is there to help manage your UFs.  Without a DS, you have manage each UF separately and manually (unless you have automation to help).

For more about the DS and what is does, see https://docs.splunk.com/Documentation/Splunk/9.2.1/Updating/Aboutdeploymentserver#What_is_deployment... .  The system requirements are at https://docs.splunk.com/Documentation/Splunk/9.2.1/Updating/Planadeployment#Deployment_server_system...

System requirements for UFs are at https://docs.splunk.com/Documentation/Forwarder/9.2.1/Forwarder/Deploy

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Brute Force Account Takeover Fraud with Splunk

This article is the second in a three-part series exploring advanced fraud detection techniques using Splunk. ...

Buttercup Games: Further Dashboarding Techniques (Part 9)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Buttercup Games: Further Dashboarding Techniques (Part 8)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
li.common.scroll-to.top