Intermediate Pro

Deploying Splunk Universal Forwarder on Windows Machine

Collecting and Forwarding Logs from Windows to Splunk Indexer

Self-Paced by Rajneesh Gupta

Overview

This project guides you through installing and configuring the Splunk Universal Forwarder (UF)
on a Windows host. The Universal Forwarder is a lightweight Splunk agent that collects logs
and forwards them over TCP (port 9997 by default, optionally TLS-wrapped) to a Splunk Indexer or Splunk Cloud.

By the end of this project, you will:

  • Deploy the Splunk UF on Windows 10/11 or Windows Server.
  • Configure UF to forward system and security event logs.
  • Validate that logs are successfully ingested into Splunk.

What You'll Learn

  • Splunk Universal Forwarder Basics

    Understand the role of UF in log collection and forwarding to Splunk.

  • Installation & Configuration

    Learn to install Splunk UF on Windows, set it up as a service, and configure outputs.

  • Log Forwarding

    Configure UF to forward Windows Event Logs (System, Security, Application).

  • Validation in Splunk

    Confirm forwarded data is searchable in Splunk via specific indexes and sourcetypes.
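The four steps above (install, service setup, outputs, Event Log inputs, validation) as one unattended PowerShell run. This is an added example, not the course's own script: the MSI path, indexer host and port, index name and install directory are lab placeholders and must match your environment (the receiving port must be enabled on the indexer and the index must already exist there).

```powershell
#Requires -RunAsAdministrator
# Added example (not from the course). Assumed placeholders: MSI path, indexer
# host:port, index name and SplunkHome; adjust them for your lab.
param(
    [string]$MsiPath    = 'C:\Temp\splunkforwarder-x64.msi',      # assumed local MSI path
    [string]$Indexer    = 'splunk-idx.lab.local:9997',            # assumed indexer:receiving port
    [string]$Index      = 'wineventlog',                           # assumed index, must exist on the indexer
    [string]$SplunkHome = 'C:\Program Files\SplunkUniversalForwarder'
)

$ErrorActionPreference = 'Stop'

# 1. Silent install. GENRANDOMPASSWORD=1 avoids placing an admin password on the
#    msiexec command line, where any local user can read it from the process list.
#    LAUNCHSPLUNK=0 keeps the service stopped until outputs/inputs are written.
$msiArgs = @(
    '/i', "`"$MsiPath`"", '/quiet', '/norestart',
    'AGREETOLICENSE=Yes', 'GENRANDOMPASSWORD=1', 'USE_LOCAL_SYSTEM=1',
    'SERVICESTARTTYPE=auto', 'LAUNCHSPLUNK=0',
    "INSTALLDIR=`"$SplunkHome`"",
    '/L*v', 'C:\Temp\splunkuf-install.log'
)
$p = Start-Process -FilePath msiexec.exe -ArgumentList $msiArgs -Wait -PassThru
if ($p.ExitCode -notin 0, 3010) { throw "msiexec failed with exit code $($p.ExitCode)" }

# 2. outputs.conf: where data goes. Files under etc\system\local override the
#    shipped defaults and survive forwarder upgrades.
$local = Join-Path $SplunkHome 'etc\system\local'
New-Item -ItemType Directory -Path $local -Force | Out-Null

@"
[tcpout]
defaultGroup = lab_indexers

[tcpout:lab_indexers]
server = $Indexer
"@ | Set-Content -Path (Join-Path $local 'outputs.conf') -Encoding ASCII

# 3. inputs.conf: which Windows Event Logs to read. renderXml on Security keeps
#    the structured EventData fields instead of only the localized message text.
@"
[WinEventLog://Security]
disabled = 0
index = $Index
renderXml = true

[WinEventLog://System]
disabled = 0
index = $Index

[WinEventLog://Application]
disabled = 0
index = $Index
"@ | Set-Content -Path (Join-Path $local 'inputs.conf') -Encoding ASCII

# 4. Start the service (the MSI registers it as 'SplunkForwarder') and check
#    that the indexer's receiving port is reachable from this host.
Set-Service -Name SplunkForwarder -StartupType Automatic
Start-Service -Name SplunkForwarder
Get-Service -Name SplunkForwarder | Format-Table Name, Status, StartType -AutoSize

$idxHost, $idxPort = $Indexer.Split(':')
Test-NetConnection -ComputerName $idxHost -Port ([int]$idxPort) |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded

# 5. Forwarder-side evidence: splunkd logs the indexer it connected to.
Start-Sleep -Seconds 15
Select-String -Path (Join-Path $SplunkHome 'var\log\splunk\splunkd.log') -Pattern 'Connected to idx=' |
    Select-Object -Last 3
```

On the indexer side, confirm ingestion with a search scoped to the new host, for example `index=wineventlog host=<forwarder name> | stats count by source, sourcetype`; Security events arrive with `source=WinEventLog:Security` and `sourcetype=WinEventLog`. Two caveats worth checking before calling the deployment done: the `[tcpout]` stanza above sends events in plaintext, so for anything beyond a lab add `useSSL` with a CA-signed certificate pair to the tcpout group; and because the forwarder runs as Local System (needed to read the Security log), restrict write access to `etc\system\local`, since anyone who can edit `outputs.conf` can redirect your Security logs to a host of their choosing.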

About Trainer

Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.

Related Projects

Apache Server Log Analysis using Splunk
Pro Intermediate

Detecting Brute Force, SQL Injection, XSS, and Suspicious Web Activity from Apache Access Logs with Splunk SIEM

Wazuh + n8n + Anyrun: Automated Malware Analysis
Pro Intermediate

Automate malware analysis by sending Wazuh-detected suspicious files into ANY.RUN, retrieving detailed reports and IOCs, and integrating results back into your SOC workflow.

Apache Web Server Log Monitoring using Wazuh
Pro Beginner

Real-time detection of HTTP errors, brute-force and suspicious requests from Apache logs