About the Content Pack for Monitoring Microsoft Windows

The Content Pack for Monitoring Microsoft Windows provides the elements necessary for monitoring your OS health related to Windows servers. It uses the heavy or universal forwarder and an add-on to collect and send data to either event indexes or metric indexes. This content pack relies on the Splunk Add-on for Microsoft Windows, where the collected data is sent to either event indexes or metric indexes. For more information, see the Splunk Add-on for Microsoft Windows.

The content pack includes a pre-configured service template for monitoring OS health metrics for CPU, memory, disk, and network. The KPIs in the service template are configured for general purposes only and must be tuned to accommodate your specific use case.

Contents

This content pack contains the following objects:

  • OS-level KPIs
  • Six KPI base searches:
    • OS:Performance.WIN.CPU
    • OS:Performance.WIN.LogicalDisk
    • OS:Performance.WIN.Memory
    • OS:Performance.WIN.Network
    • OS:Performance.WIN.PhysicalDisk
    • OS:Performance.WIN.WinHostMon
  • A service template: Windows server health
  • A sample service to use for testing entity filtering and KPI thresholds: SAMPLE - Windows server health to use for testing entity filtering and KPI thresholds.

Deployment requirements

Use the following table to determine ITSI version compatibility with various versions of the Content Pack for Monitoring Microsoft Windows:

Splunk App for Content Packs version Content pack version ITSI version Splunk Add-on for Windows
2.0.0 1.8.0 4.17.x 8.7.0
1.8.0 1.2.0 4.14.x, 4.15.x 8.5.0
1.5.0 1.1.0 4.9.4 or 4.11.0 or higher 8.1.2, 8.2.0
1.0.0 1.0.2 4.9.0 or higher n/a