Hi everybody,
Is it possible to use the Splunk Add-On for Microsoft Windows when the indexers and search heads are all running on Linux? We have a group of people who want to collect Windows logs and throw them into Splunk, but they are also asking if we can install the Windows add-on. I guess my first questions would be, do we need to install anything on the search heads and indexers to support the functionality offered by this add-on? Or would it be sufficient to install a universal forwarder on a Windows host and put the add-on there?
Any input on how to approach this would be great!
Thanks!
--- Michael
↧