- Notes, cautions, and warnings
- Introduction
- Requirements
- Download the software
- Verify the installation package
- Installation
- Uninstall Trusted Device
- Features
- Interoperability
- Run the BIOS Verification agent
- Results, troubleshooting, and remediation
SIEM solutions often require a utility to consume data sources. The Splunk universal forwarder is a lightweight forwarding solution that can be configured for use with the Event Repository during or after installation. The following example provides installation and configuration reference for the Splunk universal forwarder to push data from Event Repository to a Splunk SIEM instance.
Use one of the following articles to install a universal forwarder based on the environment in which your Event Repository is installed:
After installation, see this Splunk article to configure the universal forwarder for use with the Event Repository.
After Docker is installed and prerequisites are configured, go to Run the Event Repository.