Splunk Enterprise
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to view Splunk Enterprise Data on itself?

skrampachspl
Loves-to-Learn Lots
‎08-30-2022 06:01 AM

I hate to have a newbie question here but, I am deploying a Linux Splunk server with several windows workstations. The workstations show up in the forwarders area however, I cannot find the hostname of the Linux server I am on. Do I need to include a forwarder on the splunk server? I have never worked at the application level with splunk before so I apologize if this is a silly question.

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-30-2022 06:09 AM

If you have a single splunk server (SH + IDX on same node), then the easiest way is just install those apps directly into that node (don't use DS for that!!) to collect needed logs/events. If you have indexer cluster then use it to deliver apps to individual search peers.

Another way is use a UF on that/those nodes and install apps with it, but usually it's better to install those into splunk server(s).

r. Ismo

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide    Staying ahead in the fast-paced ...