SOC Experts Community - Beta
1 like 0 dislike
in SOC by (4.1k points)

4 Answers

1 like 1 dislike
by (5.9k points)
Forwarders are the ones which will securely collect the logs from various log sources and hand them over to Splunk for indexing and further procedures.

The types of forwarders are Universal forwarders and Heavy forwarders.
0 like 0 dislike
A Splunk forwarder is an agent to collect the logs from data sources like servers, critical end-user machines, DBs, etc.

There are two types of forwarders in Splunk:

Universal forwarder and Heavy forwarder.

The universal forwarder will collect logs and forward them to the heavy forwarder (optional) or directly forward them to the indexer for storage.
0 like 0 dislike
by (140 points)
Forwarders are the ones which work as an agent and push all the logs from all data sources to indexers.

Two types:

1) Universal forwarder - installed on the data source and pushes logs to the indexer or heavy forwarder (optional)

2) Heavy forwarder (optional) - collects logs from various universal forwarders and pushes them to the indexer
0 like 0 dislike
Forwarders are mainly used to collect logs from different log sources.

Types of forwarders:

Universal, heavy forwarders
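
The forwarding path the answers above describe (universal forwarder on the data source, an optional heavy forwarder tier, then the indexer), sketched as Splunk configuration. This is an added example, not part of any answer on this page; host names, the index name, the monitored path and the certificate paths are constructed placeholders.

```ini
# --- Universal forwarder on the data source: inputs.conf ---
# What to collect. Path, index and sourcetype are assumptions for this example.
[monitor:///var/log/secure]
index = os_linux
sourcetype = linux_secure

# --- Universal forwarder: outputs.conf ---
# Where to send it. defaultGroup selects which target group is used.
[tcpout]
defaultGroup = primary_indexers

# Option A: forward directly to the indexers (data is load-balanced across them).
[tcpout:primary_indexers]
server = idx1.example.internal:9997, idx2.example.internal:9997
# Indexer acknowledgement: the forwarder resends data that was never acknowledged.
useACK = true
# TLS: present a client certificate and verify the receiver's certificate.
# The CA that signed the receiver certificate must be trusted by the forwarder.
clientCert = $SPLUNK_HOME/etc/auth/mycerts/forwarder.pem
sslVerifyServerCert = true

# Option B: send to the optional heavy forwarder tier instead.
# Set defaultGroup = heavy_forwarders above to use it.
[tcpout:heavy_forwarders]
server = hf1.example.internal:9997
useACK = true
clientCert = $SPLUNK_HOME/etc/auth/mycerts/forwarder.pem
sslVerifyServerCert = true

# --- Receiver (indexer, or the heavy forwarder in option B): inputs.conf ---
# Accept forwarder traffic over TLS only, and require a client certificate
# so that arbitrary hosts cannot inject events into the pipeline.
[splunktcp-ssl:9997]
disabled = 0

[SSL]
serverCert = $SPLUNK_HOME/etc/auth/mycerts/receiver.pem
requireClientCert = true
```

In option B the heavy forwarder needs its own outputs.conf pointing at the indexers, since it receives from universal forwarders and then pushes onward.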
