Introducing
Your new presentation assistant.
Refine, enhance, and tailor your content, source relevant images, and edit visuals quicker than ever before.
Trending searches
A Beginners Primer
About Splunk
ABOUT SPLUNK
“Make machine data accessible, usable, and valuable to everyone.”
Splunk Enterprise
Splunk Cloud
Splunk Light
NUTS &
BOLTS
Splunk is broken down into 3 main components:
Splunk Deployment
Splunk Components
An indexer is a Splunk Enterprise instance that indexes data.
The indexer is the Splunk Enterprise component that creates and manages indexes. The primary functions of an indexer are:
To get data to an indexer, you use forwarders, which are Splunk Enterprise instances that receive data inputs and then consolidate and send the data to a Splunk indexer.
Universal forwarders maintain a small footprint on their host machine.
They perform minimal processing on the incoming data streams before forwarding them on to an indexer, also known as the receiver.
Search heads manage searches.
They handle search requests from users and distribute the requests across the set of indexers, which search their local data.
The search head then consolidates the results from all of the indexers and serves them to the users.
USE
CASES
Inventory monitoring
Performance monitoring
Event Correlation
Troubleshooting
Security reporting
Change tracking
etc.
CLOSING
Questions or Feedback?