Deployment Architecture

Debugging app deployment to AWS cluster

Path Finder



I have an on-prem Splunk cluster and an AWS cluster. Each one has its own indexers and clustermaster, though only the on-prem setup has a search head and a deployment server. 


When I use the deployment server to deploy configurations to a splunk forwarder in AWS, it keeps failing to deploy. I have checked:

Forwarder is installed on machine to send logs

DS can contact the machine to send apps via port 8089

I used TCPDump on the forwarder machine on port 8089 and can see packets from the deployment server 

Unfortunately all I can get from the internal logs is this delightfully descriptive error message:

05-19-2021 08:04:42.818 +0200 WARN ClientSessionsManager - ip=<omitted> name=<omitted> Updating record for sc=<serverclass name> app=<app name>: action=Download result=Fail checksum=0


Can anyone suggest more areas to look at? I can't figure out why it is not deploying properly.

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...