Hi Ninjas,
Just like to ask if I still need to have a Heavy Forwarder in monitoring AD and DHCP logs? Or Universal Forwarder and Indexers will suffice? Thanks.
Regards,
Dan
hello there,
the Universal Forwarder is good for this job
use the TA for Windows
read here:
http://docs.splunk.com/Documentation/Splunk/6.6.2/Data/Usingforwardingagents
http://docs.splunk.com/Documentation/Splunk/6.6.2/Data/HowtogetWindowsdataintoSplunk
hope it helps
hello there,
the Universal Forwarder is good for this job
use the TA for Windows
read here:
http://docs.splunk.com/Documentation/Splunk/6.6.2/Data/Usingforwardingagents
http://docs.splunk.com/Documentation/Splunk/6.6.2/Data/HowtogetWindowsdataintoSplunk
hope it helps