About processes and directories excluded from scanning by antivirus products

release date
2016.11.14
last updated
2024-03-04
version
Splunk Enterprise 9.1.2
Overview
This article lists the Splunk processes and directories that should be excluded from scanning by antivirus products.
Reference information
content

If you run Splunk on a host with an antivirus product installed, we strongly recommend that you exclude all Splunk processes and the Splunk installation directory from scanning.

The processes and directories to exclude from scanning are listed below.

Excluded processes

-------------
Unix/Linux
-------------
bloom
btool
btprobe
bzip2
cherryd
classify
exporttool
locktest
locktool
node
python*
splunk
splunkd
splunkmon
tsidxprobe
tsidxprobe_plo
walklex

-------------
Windows
-------------
splunk-admon.exe
splunk-compresstool.exe
splunk-MonitorNoHandle.exe
splunk-netmon.exe
splunk-optimize-lex.exe
splunk-optimize.exe
splunk-perfmon.exe
splunk-regmon.exe
splunk-winevtlog.exe
splunk-winhostinfo.exe
splunk-winprintmon.exe
splunk-wmi.exe
splunk.exe
splunkd.exe

Excluded directories

  • For Splunk Enterprise:
      • All directories under $SPLUNK_HOME
      • All directories under $SPLUNK_DB

*If you have set a destination directory for each index in the indexes.conf file, be sure to exclude that directory as well.

*$SPLUNK_HOME is the installation directory. By default, it is as follows:

<Linux>

/opt/splunk

<Windows>

C:\Program Files\Splunk

*$SPLUNK_DB is the directory where Splunk index data is stored. By default, it is as follows:

<Linux>

/opt/splunk/var/lib/splunk

<Windows>

C:\Program Files\Splunk\var\lib\splunk

  • For Splunk universal forwarder:
      • All directories under $SPLUNK_HOME
      • All directories under /Applications/splunkforwarder (on OS X)

*$SPLUNK_HOME is the Splunk installation directory. By default, it is as follows:

<Linux>

/opt/splunkforwarder

<Windows>

C:\Program Files\SplunkUniversalForwarder
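As an added example (not part of this article or of Splunk's own tooling), the following PowerShell function applies the Windows process list and directory list above to Microsoft Defender Antivirus, which is assumed to be the installed antivirus product. It assumes the Splunk binaries live under $SPLUNK_HOME\bin, defaults $SPLUNK_DB to $SPLUNK_HOME\var\lib\splunk, and takes the per-index destination directories from indexes.conf as the -ExtraIndexPaths parameter (a hypothetical parameter name); run it from an elevated session.

```powershell
# Added example: apply the article's Splunk exclusions to Microsoft Defender Antivirus.
# Assumes Defender is the AV product and Splunk binaries live in $SPLUNK_HOME\bin.
function Add-SplunkDefenderExclusions {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]   $SplunkHome = 'C:\Program Files\Splunk',  # default $SPLUNK_HOME (Splunk Enterprise)
        [string]   $SplunkDb,                                 # defaults to $SPLUNK_HOME\var\lib\splunk
        [string[]] $ExtraIndexPaths = @()                    # per-index destination dirs from indexes.conf
    )
    if (-not $SplunkDb) { $SplunkDb = Join-Path $SplunkHome 'var\lib\splunk' }

    # Process names exactly as listed in the article's Windows section. A Defender process
    # exclusion skips scanning of files that the named process opens; giving the full path
    # (assumed here to be $SPLUNK_HOME\bin) keeps the exclusion scoped to Splunk's own binaries
    # rather than to any process that happens to share the file name.
    $processNames = @(
        'splunk-admon.exe', 'splunk-compresstool.exe', 'splunk-MonitorNoHandle.exe',
        'splunk-netmon.exe', 'splunk-optimize-lex.exe', 'splunk-optimize.exe',
        'splunk-perfmon.exe', 'splunk-regmon.exe', 'splunk-winevtlog.exe',
        'splunk-winhostinfo.exe', 'splunk-winprintmon.exe', 'splunk-wmi.exe',
        'splunk.exe', 'splunkd.exe'
    )
    $processes = $processNames | ForEach-Object { Join-Path $SplunkHome "bin\$_" }

    # Defender path exclusions are recursive, so $SPLUNK_HOME and $SPLUNK_DB cover every
    # directory under them; custom index paths set in indexes.conf may live elsewhere.
    $paths = @($SplunkHome, $SplunkDb) + $ExtraIndexPaths | Select-Object -Unique

    # Only add what is not already configured, so the function is safe to re-run.
    $current  = Get-MpPreference
    $newPaths = $paths     | Where-Object { $_ -notin $current.ExclusionPath }
    $newProcs = $processes | Where-Object { $_ -notin $current.ExclusionProcess }

    if ($newPaths -and $PSCmdlet.ShouldProcess(($newPaths -join ', '), 'Add path exclusions')) {
        Add-MpPreference -ExclusionPath $newPaths
    }
    if ($newProcs -and $PSCmdlet.ShouldProcess(($newProcs -join ', '), 'Add process exclusions')) {
        Add-MpPreference -ExclusionProcess $newProcs
    }

    # Re-read the configuration and report anything still missing, for verification and audit.
    $after = Get-MpPreference
    [pscustomobject]@{
        MissingPaths     = @($paths     | Where-Object { $_ -notin $after.ExclusionPath })
        MissingProcesses = @($processes | Where-Object { $_ -notin $after.ExclusionProcess })
    }
}

# Splunk Enterprise in the default location plus one constructed custom index directory.
# -WhatIf previews the changes without applying them.
Add-SplunkDefenderExclusions -ExtraIndexPaths 'D:\splunk_indexes\hot' -WhatIf
```

Both result lists should be empty after a real run; a non-empty list means an exclusion was not accepted and should be checked with Get-MpPreference.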
