Components and Buckets in SPLUNK
Components: The primary components in the Splunk architecture are Forwarders, the Indexers and the Search Head. Forwarders:The forwarder is an agent you deploy on IT systems, which collects logs and sends them to indexers. Splunk has two types of forwarders:* Universal Forwarders: forwards the data without any prior treatment. This faster and requires less resource … Read more