Solved: Re: Splunk FOrwarder information in the API

akrai · ‎07-10-2019

I need to know if my asset/ hosts/devices has splunk forwarder installed . Which API would give me that information, and what would be the column name in that API.

nabeel652 · ‎07-10-2019

Not sure about an API but you could do a powershell script like this:

    $computers = "Computer1", "Computer2", "Computer3", "Computer4"


foreach ($computer in $computers){ 
    try {
        $result = Get-Service -ComputerName $computer | where {$_.Name -like "SplunkForwarder"}
    }
    catch {
        Write-Host "Some problem occured accessing" $computer -ForegroundColor Red
    }
    if ($result -ne $null) {
        Write-Host $computer "Has Splunk Forwarder Installed" -ForegroundColor Green
    }
    $result = $null
}

View solution in original post

nabeel652 · ‎07-10-2019

Not sure about an API but you could do a powershell script like this:

    $computers = "Computer1", "Computer2", "Computer3", "Computer4"


foreach ($computer in $computers){ 
    try {
        $result = Get-Service -ComputerName $computer | where {$_.Name -like "SplunkForwarder"}
    }
    catch {
        Write-Host "Some problem occured accessing" $computer -ForegroundColor Red
    }
    if ($result -ne $null) {
        Write-Host $computer "Has Splunk Forwarder Installed" -ForegroundColor Green
    }
    $result = $null
}

akrai · ‎07-10-2019

Thanks for the response,, Appreciate it.. I am specifically looking for the API which can bring in the splunk forwarder information.
My usecase would be enterprise wide and would not be feasible to get a report for all the splunk forwarder information.

Splunk FOrwarder information in the API

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms