The Splunk App for Microsoft Windows ONLY works on Splunk 5.x systems. For similar functionality on Splunk 6 and later editions, please use the Splunk App for Windows Infrastructure: http://apps.splunk.com/app/1680/
The Splunk App for Windows provides examples of pre-built data inputs, searches, reports, alerts, and dashboards for Windows server and desktop management. You can monitor, manage, and troubleshoot Windows operating systems from one place. Included are scripted inputs for CPU, disk, I/O, memory, log, configuration, and user data, plus a web-based setup UI for indexing Windows Events Logs.
This App has been superseded by the new Windows Infrastructure app for use with Splunk 6.0. Please download the new application instead - http://apps.splunk.com/app/1680/
• On pooled search heads, the app now respects search schedules and does not populate the dispatch directory with extraneous search artifacts.
• The app has been updated to conform to application taxonomy requirements.
Completely refactored version of the App for monitoring of Windows infrastructure in enterprise environments.
Fixed bug with persistent warning window about unsupported configuration on Unix platforms.
Fixed bug with Windows app lookups being unavailable to other Splunk applications.
Here's what's new in the latest version of the Splunk App for Windows:
* Documentation! http://docs.splunk.com/Documentation/WindowsApp This app now has official Splunk documentation that will be maintained with every release of the app.
* Improved app setup
* Improved knowledge layers
Bug fixes include:
* You are no longer sent to a "404 Not Found" page when you click on the set-up link that the app presents after it is initially installed.
* The system resources of the local Windows host are now properly monitored by default after installation.
* On the dashboard that displays indexed data, the "Total Count" now properly appears on the "Last 15 minutes" and "Last 24 hours" subpanels.
* Configuration defaults are now properly added for Registry monitoring inputs.
contains bug fix for migrating regmon filters from Splunk 4.2 to 4.3
Updated to be compatible with Splunk 4.2, to work better with newer Windows operating systems (such as Windows 2008 R2) as well as other miscellaneous improvements.
With the Splunk App for Windows you can:
- Monitor CPU, memory, network and disk utilization across one or more systems
- Monitor Windows Update successful and failed packages, application installations and application crashes on hosts across your environment
- Monitor all Windows event logs across your environment, including Application, System and Security
Accessing the documentation:
- New and improved operational health dashboards designed for large scale enterprise distributed environments across multiple hosts
- New customizable performance dashboards views to enable reporting by any counter that is being collected
- New interactive views enabling advanced filtering capabilities including wildcarding on host names
- App interoperability with non-Windows search head
- Support for the Windows Technology-Addon (TA)
The Splunk App for Windows supports Windows Server 2003, 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Vista, Windows 7 and Windows 8.
All instances of Splunk in a Splunk App for Windows deployment must run version 4.3.5 or later.
As a Microsoft Gold Certified Partner Splunk is committed to delivering innovative solutions and technologies that enable organizations to be operationally aware of the Windows IT infrastructure they manage. Splunk provides the tools to manage the Windows foundation for customer success.
Microsoft and Windows are registered trademarks of Microsoft Corporation in the United States and other countries.