Splunk ITSI
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the difference between Splunk Insights for Infrastructure (SII) and Splunk APP for Infrastructure (SAI) ??

AbdelrahmanAbde
Explorer
‎09-03-2019 11:40 PM

Hi everyone ,

I have a couple of questions about Splunk Insights for Infrastructure :
I found that Splunk Insights for Infrastructure ( SII ) can be installed separately without the need to install Splunk Enterprise platform

  1. What is the added value that I get when using (SAI) as an app on top of Splunk Enterprise vs using (SII) without having Splunk Enterprise ?
  2. Does this app fits more into physical or virtual environments or it does not matter ? by that I mean will it show me how much RAM and CPU are utilized from the resources I assigned to a certain VM OR will it compare it against the total host's CPU and RAM
  3. When it comes to Disk Performance monitoring ( does this apply also to volumes attached to VMs from shared Storage arrays ) ?
  4. Is it better to use Splunk APP for VMware if I have a virtual environment ?
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

pwu_splunk
Splunk Employee
Splunk Employee
‎09-05-2019 05:40 PM
  1. SII was a product that acted as a simplified version of SAI + Splunk Enterprise. It lacked features like access to Search & Reporting and more granular control of Splunk for users who didn't want to jump right into the complexity of Splunk Enterprise. Most importantly, it's a deprecated product. Going forward, users should use SAI to receive the latest features and updates.
  2. SAI works for both physical and virtual environments. How your resources are displayed depends on how you send data from entities to SAI. For example, based on your configuration, you can discover an AWS server as a standalone Linux server, as part of a larger AWS infrastructure, or as both. As of version 1.4.0, SAI has no support for integrating with VMware directly. However, this may change in the next major release. 😉 Stay tuned.
  3. See above.
  4. Splunk App for VMware and Splunk App for Infrastructure have different features. They're more complimentary rather than one being strictly better than the other.

View solution in original post

Reply
Solved! Jump to solution
Solution

pwu_splunk
Splunk Employee
Splunk Employee
‎09-05-2019 05:40 PM
  1. SII was a product that acted as a simplified version of SAI + Splunk Enterprise. It lacked features like access to Search & Reporting and more granular control of Splunk for users who didn't want to jump right into the complexity of Splunk Enterprise. Most importantly, it's a deprecated product. Going forward, users should use SAI to receive the latest features and updates.
  2. SAI works for both physical and virtual environments. How your resources are displayed depends on how you send data from entities to SAI. For example, based on your configuration, you can discover an AWS server as a standalone Linux server, as part of a larger AWS infrastructure, or as both. As of version 1.4.0, SAI has no support for integrating with VMware directly. However, this may change in the next major release. 😉 Stay tuned.
  3. See above.
  4. Splunk App for VMware and Splunk App for Infrastructure have different features. They're more complimentary rather than one being strictly better than the other.
Reply
Solved! Jump to solution

AbdelrahmanAbde
Explorer
‎09-06-2019 04:27 AM

Thanks
This answers all of my questions .

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...