Community:BestWayToGetDataIntoSplunkRemotely

From Splunk Wiki

Jump to: navigation, search

Best practices for getting data into Splunk remotely

will the input method queue or retry? Solution:

  • Splunk Forwarders is the advised solution.
  • Forwarders will send a heartbeat to the Indexer on a configurable interval, defaults to 30 seconds. It Forwarder loses its connection it will try to reconnect until told to stop.
  • Can be monitored via scheduled searches on the indexer.
Retrieved from "https://wiki.splunk.com/index.php?title=Community:BestWayToGetDataIntoSplunkRemotely&oldid=49383"
Personal tools
Hot Wiki Topics


About Splunk >
  • Search and navigate IT data from applications, servers and network devices in real-time.
  • Download Splunk