Documentation

uberAgent for Splunk is a Windows agent for Splunk. You have come to the right place if you want to get it up and running in your environment.

Getting Started

Start by checking out the system requirements and take a look at the release notes.

If you have not yet done so, install Splunk.

Next, you probably want to know how to install and deploy uberAgent.

Components

uberAgent consists of two components, the Splunk app and the actual agent. The app contains the user interface that presents the data collected by the agent.

Configuration

Here is a list of all the metrics collected by uberAgent. If you want to create your own dashboards you should take a look at the source code of uberAgent’s dashboards. You might also find this list of Splunk events and source types useful.

If you want to change what data is collected and how often that happens you can do so easily by editing the configuration. Here is a list of steps to take in order to reduce uberAgent’s data volume.

To configure uberAgent via Group Policy please follow these instructions.

Troubleshooting

uberAgent’s log file helps you quickly find out what is going on. It is easy to read and has a wealth of information. Make sure to take a look at the help center if you have a question or a problem.

Upgrading

When a new version of uberAgent is released you might want to upgrade you installation. Here’s how to do that.

More Information

Take a look at our blog articles.

Questions?

Do you have questions that were not answered here? Please ask us, we are happy to help!