Basics | Not as Basic |
---|---|
What is Splunk?
A software tool that is used to collect data from different servers and convert it to usable/readable data.
|
What is an indexer?
A Splunk Enterprise instance that indexes data, transforming raw data into events and placing the results into an index. It also searches the indexed data in response to search requests.
|
What are the 3 main components of Splunk?
Forwarder, indexer and search head.
|
What is a forwarder?
A component of Splunk that collects data at the source and sends it to the indexer to be categorized.
|
What is a database?
A program that stores data in some format and provides a way to extract that data.
|
How does data flow through Splunk?
The forwarder collects the data at the source, then it gets to the indexer, where it is filtered and stored in indexes as events. Then the search head is able to search the data that has been indexed.
|
What is an indexer?
Provides data processing and storage for local and remote data and hosts the primary Splunk data store.
|
|
What are examples of databases?
Oracle and MySQL.
|
|