Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Deploying Splunk HTTP Event Collector config via app from the deployment server

brent_weaver
Builder
‎11-09-2017 06:07 PM

I would like to deploy my http event collector config to my HWF's via an app. It seems that I need to configure this in splunk_httpinput and deploying it as an app does not have precedence over splunk_httpinput?!?!

I need to be able to automate the enabling of HEC and creating tokens.

Thanks!

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

esix_splunk
Splunk Employee
Splunk Employee
‎11-09-2017 08:23 PM

You can create the app on a GUI based system, and then just copy the splunk_httpinput app into your github-ish system, and deploy it from there. There is no need to try and work with the REST endpoints for this. Deploy it like a normal app via a deployment server, or check it into $splunk_home$/etc/apps on your endpoints with your version control...

Cheers
Eric

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

esix_splunk
Splunk Employee
Splunk Employee
‎11-09-2017 08:23 PM

You can create the app on a GUI based system, and then just copy the splunk_httpinput app into your github-ish system, and deploy it from there. There is no need to try and work with the REST endpoints for this. Deploy it like a normal app via a deployment server, or check it into $splunk_home$/etc/apps on your endpoints with your version control...

Cheers
Eric

0 Karma
Reply
Solved! Jump to solution

brent_weaver
Builder
‎11-11-2017 05:18 AM

i figured this out... i tried to just deploy the local dir as opposed to the whole app plust local. i cannot figure out how my co worker did it outside the splunk_httpinput app?

bottom line it is working great now thanks to you guys!

0 Karma
Reply
Solved! Jump to solution

brent_weaver
Builder
‎11-10-2017 04:48 AM

Erin - Thanks for the info. I tried that and splunk told me that there is file integrity issues as this app is in the manifest in splunk. !?!?!?

0 Karma
Reply
Solved! Jump to solution

maciep
Champion
‎11-09-2017 06:31 PM

I've only skimmed the instructions, but it seems like the process is to deploy the splunk_httpinput app from the deployment server.

http://dev.splunk.com/view/event-collector/SP-CAAAE73#setup

0 Karma
Reply
Solved! Jump to solution

brent_weaver
Builder
‎11-09-2017 07:39 PM

Hey thanks for the article, but given my env I cannot configure anything in the web UI. We have to run all config changes thru a github-ish process since we have multiple isolated splunk envs. I want to be able to push out to all so using the UI is not really an option. I guess maybe REST API?

0 Karma
Reply
Solved! Jump to solution

maciep
Champion
‎11-10-2017 05:10 AM

are you saying that you use the internal process instead of adeployment server? Or you do have a deployment server, but you need push app to its deployment-apps/serverclass.conf/etc via the internal process?

0 Karma
Reply
Solved! Jump to solution

brent_weaver
Builder
‎11-12-2017 05:40 AM

nope, i am using the deplyment server to accomplish. what i was doing wrong was only trying to push splunk_httpinputs/local dir as opposed to the whole app.

0 Karma
Reply
Get Updates on the Splunk Community!

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

  Ready to master Kubernetes and cloud monitoring like the pros?Join Splunk’s Growth Engineering team for an ...

Wrapping Up Cybersecurity Awareness Month

October might be wrapping up, but for Splunk Education, cybersecurity awareness never goes out of season. ...

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

🗣 You Spoke, We Listened  Audit Trail v2 wasn’t written in isolation—it was shaped by your voices.  In ...