1
00:00:00,090 --> 00:00:00,870
Previously.

2
00:00:00,870 --> 00:00:07,860
We are downloaded Splunk on our local machine and also on the cloud machine where we need to install

3
00:00:07,860 --> 00:00:08,310
Splunk.

4
00:00:08,340 --> 00:00:13,840
Now let's see how we can download Universal for order for downloading Universal for order.

5
00:00:13,860 --> 00:00:20,220
You can either directly click on the link in the document or Google Splunk Universal Forwarder.

6
00:00:20,280 --> 00:00:23,310
The first link that pops up should be.

7
00:00:24,120 --> 00:00:27,390
You are link to download Splunk universal forwarder.

8
00:00:34,550 --> 00:00:39,880
Now, if you click on the link that is provided in the document, it will take you to this page.

9
00:00:39,890 --> 00:00:42,590
If you are not registered, go ahead and register.

10
00:00:42,590 --> 00:00:46,580
If you are already registered, click on login if you already logged in.

11
00:00:46,730 --> 00:00:47,810
Refresh the page.

12
00:00:49,340 --> 00:00:52,060
So since I have already logged in, I'll just refresh the page.

13
00:00:52,070 --> 00:00:55,180
I'll be able to see the link to download the universal forwarder.

14
00:00:55,820 --> 00:01:03,320
As of today, we have 66.2, and that is the latest version of Splunk available at the time of this

15
00:01:03,320 --> 00:01:04,100
tutorial.

16
00:01:04,190 --> 00:01:10,520
We have lots of varieties when we compare it to Splunk Enterprise package because Splunk Enterprise

17
00:01:10,520 --> 00:01:13,610
package, it had Linux version.

18
00:01:13,610 --> 00:01:17,000
It had Solaris, it had a Windows.

19
00:01:18,130 --> 00:01:21,100
And also probably a I believe.

20
00:01:23,650 --> 00:01:29,380
No, it was Windows, Linux, Solaris and Mac OS.

21
00:01:29,380 --> 00:01:31,150
It had just the four flavors.

22
00:01:31,150 --> 00:01:39,190
But when you see Universal forward, it has three more because the remote data source can be of different

23
00:01:39,190 --> 00:01:41,020
source or many sources.

24
00:01:41,020 --> 00:01:46,870
It can be a Windows machine, it can be a Linux machine, it can be Solaris, Mac, or any other flavor

25
00:01:46,870 --> 00:01:52,020
of Linux, even HP or IBM servers.

26
00:01:52,870 --> 00:01:54,400
There are a lot, many variants.

27
00:01:54,400 --> 00:02:01,570
And since Splunk, Universal Forward is a lightweight package, it is almost one third of the package

28
00:02:02,380 --> 00:02:04,820
that Splunk Enterprise packages.

29
00:02:04,840 --> 00:02:09,970
It was close to 220 megabytes, but this is like 54 MP.

30
00:02:09,970 --> 00:02:17,470
So it is like much lightweight and it consumes less process when you compare it to RAM and CPU usage

31
00:02:17,470 --> 00:02:18,940
of any other processors.

32
00:02:19,090 --> 00:02:24,700
It is very lightweight and it sits without affecting any performance on the remote machines.

33
00:02:24,700 --> 00:02:26,530
We can download windows.

34
00:02:26,560 --> 00:02:34,360
As part of this tutorial will be installing Windows client also to fetch data from the Windows machine.

35
00:02:34,360 --> 00:02:39,880
Again, it has a command line option where you can click and download this.

36
00:02:40,940 --> 00:02:41,480
Or.

37
00:02:43,170 --> 00:02:49,740
You can wait for the this to finish, then copy this into all the windows machines wherever you would

38
00:02:49,740 --> 00:02:52,350
like to install your universal folder.