Hi there,
I would like to know if it's possible to have Splunk instances running on linux and windows in the same environment.
We currently have an environment which runs splunk on x86 linux centOS virtual machines.
My company decided to monitor Active Directory security events with splunk.
According to this documentation: http://docs.splunk.com/Documentation/Splunk/6.2.9/Data/AuditActiveDirectory
I need to run splunk on windows to monitor active directory systems.
----------
**1. Am I able to just install another indexer on windows and add this one to the existing linux environment?
2. Will this work together?
3. Can this indexer share the licence pool of the existing splunk linux environment?
4. Can I forward data from the windows indexer to the linux indexers?**
Kind regards,
pyro_wood
↧