Deployment Architecture

Can a deployment client subscribe to an app?

echalex
Builder

Hi,

We are using the deployment server to distribute configuration to universal forwarders. Since we are using Chef to install the forwarders, it would be very good if we could add the forwarder to a serverclass from the forwarder host itself, rather than doing this at the deployment server.

Any suggestions on doing this? Preferably, it should be scriptable. By that I mean either a CLI command to run on the forwarder, or some way to do it through the REST API.

0 Karma
1 Solution

yannK
Splunk Employee

There is a way to achieve this.
The deploymentclient.conf on the client has a parameter, clientName, that can be used to replace the IP and hostname used to match the whitelist/blacklist in the server's serverclass.conf.

See http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Serverclassconf
and http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/Deploymentclientconf

You could define your classes with roles, for example, and use Chef to populate the clientName with a concatenation of the classes and hostname.

Example:

[deployment-client]
clientName=myhostname-roleA-roleB

and in serverclass.conf on the server:

[serverClass:myclassA]
whitelist.0=*roleA*
[serverClass:myclassB]
whitelist.0=*roleB*
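
The clientName is asserted by the client, and a pattern such as *roleA* is a substring match, so a hostname or a longer role name containing the same text also lands in the class. The Ruby sketch below is an added example, not code from this thread or from Splunk. It builds the clientName the way a Chef recipe might and reports unintended server class matches. The class names, the token policy, the separator-anchored STRICT patterns and the assumption that `*` matches any run of characters over the whole clientName are all illustrative.

```ruby
# Added example, not Splunk or Chef code. Assumption: "*" in a whitelist
# entry matches any run of characters and the whole clientName must match.

# Constructed server classes, using the patterns from the answer above.
SERVER_CLASSES = {
  'myclassA' => ['*roleA*'],
  'myclassB' => ['*roleB*']
}.freeze

# Which role each server class is meant to serve (constructed).
ROLE_OF = { 'myclassA' => 'roleA', 'myclassB' => 'roleB' }.freeze

# Tighter variant: the role must sit between "-" separators or end the name.
STRICT = {
  'myclassA' => ['*-roleA-*', '*-roleA'],
  'myclassB' => ['*-roleB-*', '*-roleB']
}.freeze

# Local policy (assumption, not a documented Splunk limit): tokens hold
# letters, digits and dots only, so "-" is unambiguous as the separator.
TOKEN = /\A[A-Za-z0-9.]+\z/

# Build the value a Chef recipe would write as clientName.
def client_name(hostname, roles)
  tokens = [hostname, *roles]
  bad = tokens.reject { |t| t.match?(TOKEN) }
  raise ArgumentError, "unsafe token(s): #{bad.inspect}" unless bad.empty?
  tokens.join('-')
end

# Translate a whitelist glob into an anchored regular expression.
def glob_to_regexp(glob)
  body = glob.split('*', -1).map { |part| Regexp.escape(part) }.join('.*')
  Regexp.new('\A' + body + '\z')
end

# Server classes whose whitelist matches the given clientName.
def matched_classes(name, classes = SERVER_CLASSES)
  classes.select { |_, globs| globs.any? { |g| glob_to_regexp(g).match?(name) } }.keys
end

# Classes the client lands in without having been given the matching role.
def unintended_classes(hostname, roles, classes, role_of)
  matched_classes(client_name(hostname, roles), classes)
    .reject { |c| roles.include?(role_of[c]) }
end
```

With the patterns from the answer, a host named roleAhost that was only given roleB also matches myclassA; with the STRICT patterns it does not.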


echalex
Builder

Yes, that's what I want, more or less. I guess the clientName solution is the closest thing, but it does require some preparation. OTOH, it is a sane approach which provides a kind of "menu" of distributable apps.

Do you know if there are any restrictions on length and characters contained?

0 Karma

yannK
Splunk Employee

So you want to remotely edit the serverclass.conf on the deployment server to add a whitelist item?
I am not sure that there is a REST API for it.

0 Karma

echalex
Builder

Thanks, but that doesn't really do what I want. (I know about clientName).

This solution requires the whitelists to be configured beforehand on the deployment server.

0 Karma