Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the difference between full stack splunk and splunk enterprise?

Shakeer_Spl
Explorer
‎01-31-2023 02:21 AM

Hi Folks,

Please note that I am new to splunk,

I have a question what is the difference between full stack splunk and splunk enterprise

Would be appreciate your kind support you 

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Shakeer_Spl
Explorer
‎01-31-2023 12:59 PM

Hi gcusello,

 
Thanks for your time, i would like to ask you that splunk enterprise version is Splunk full stack which is required to configuring splunk heavy forwarders 
that I understood from your answer is it correct please let me know
Thanks for your kind support

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

Shakeer_Spl
Explorer
‎01-31-2023 12:59 PM

Hi gcusello,

 
Thanks for your time, i would like to ask you that splunk enterprise version is Splunk full stack which is required to configuring splunk heavy forwarders 
that I understood from your answer is it correct please let me know
Thanks for your kind support
0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎02-01-2023 02:32 AM

It's hard to say what you mean by "full stack".

Splunk as a company has many different products/services. Typically when talking about "Splunk" as a product it's implied that we're talking about environment of Splunk Enterprise or Splunk Free (which is the same Splunk Enterprise binary but with a limited Splunk Free license applied) instance(s) and Splunk Universal Forwarders

Splunk Enterprise can be configured, depending on the needed role, as indexer, search-head, heavy forwarder, deployment server, shc deployer, cluster manager. But these are all instances of Splunk Enterprise servers.

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎01-31-2023 11:43 PM

Hi @Shakeer_Spl,

Splunk on premise has two main products (there are many others but for this scope two products):

  • Splunk Enterprise:
  • Splunk Universal Forwarder.

The second is a light agent that can be used only to input data and is usually installed on the target servers.

The second is a full stack version of the product that is usually installed on one or more dedicated servers, it  can be used for all roles except agent: Indexer, Search Head, Heavy Forwarder, Master Node, License master, Deployer.

What is your requirement?

Ciao.

Giuseppe

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎01-31-2023 04:56 AM

Hi @Shakeer_Spl,

Splunk sells it's main solution in two ways:

  • Splunk Cloud,
  • Splunk Enterprise.

Splunk Enterprise is the on-premise version of Splunk Platform, differentiated by Splunk Cloud.

Splunk Enterprise can have many roles, but it's used always the same software version with the only exception of Splunk Universal Forwarder.

When you speak of full stack Splunk, probably you want to differentiate Splunk Heavy Forwarder from Splunk Universal Forwarder that are two different products and distributions:

  • Splunk Universal Forwarder is an agent: a light versione of Splunk (different than Splunk Enterprise), without GUI, used only to ingest logs.
  • Splunk Heavy Forwarder is a full stack Splunk Enterprise version of the product, where some features (e.g. indexing) aren't used because the scope of this role is take logs and forward them to Indexers.

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...
Top