Splunk Enterprise

Universal Forwarder

kishorealla
New Member

Does Universal Forwarder need JVM ? How can we monitor if a Forwarder goes down.

Tags (1)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

The Universal Forwarder does not need JVM.

To monitor your forwarders, click Settings->Distributed Management Console. Then click Forwarders->Forwarders:Instance to view the status of your forwarders.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

The Universal Forwarder does not need JVM.

To monitor your forwarders, click Settings->Distributed Management Console. Then click Forwarders->Forwarders:Instance to view the status of your forwarders.

---
If this reply helps you, Karma would be appreciated.
0 Karma

kishorealla
New Member

Thanks Rich !! How does it run on Windows or Linux? Or How does a sysadmin identify it on any OS?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

There are versions for both Windows and Linux.
I don't understand your second question.

---
If this reply helps you, Karma would be appreciated.
0 Karma

kishorealla
New Member

Mainly for a system admin to know how much CPU and Memory it is consuming. I know it is very less, but these are the questions coming from our Admin team.

0 Karma

richgalloway
SplunkTrust
SplunkTrust

The Universal Forwarder is not a Java app. It runs as a native binary.
See http://docs.splunk.com/Documentation/Splunk/latest/Forwarding/Theuniversalforwarder. Forwarders typically report performance data to Splunk so the admins can monitor CPU and memory use there.

---
If this reply helps you, Karma would be appreciated.
0 Karma

kishorealla
New Member

For eg. in Windows, does it run as a java service? Similarly for Linux?

0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...