Hi @chris94089,

you should before deeply read all the doc at https://docs.splunk.com/Documentation/Splunk/8.0.5/Updating/Aboutdeploymentserver

Anyway, you have to take from Splunkbase the apps to deploy or create your custom.

In the second case the folder structure is always the same of all Splunk apps:

• bin,
• default,
• local,
• metadata.

Then you have to put these apps in %SPLUNK_HOME/etc/deployment-apps of your Deployment Server.

I prefer to have different apps and not a great fully comprehensive one.

Remember that if you have to manage more than 50 target servers, you need a dedicated DS.

Then, I hint to plan you deployment on paper (or Excel) listing all the apps for each target server and grouping them to find the rules for your  ServerClasses.

A ServerClass is, in few words, a table that correlates servers and apps to deploy.

E.G. if you have to deploy the TA_Windows App to all the Windows servers with name "winsrv*" you can group these servers using this rule to create the ServerClass.

When you fully planned your deployment, you can create, using the web GUI, your ServerClasses to deploy apps applyng the planned rules.

Remember to flag the "Splunk restart" for each app otherwise the updates will not be taken.

On final hint: create an app (called e.g. TA_Forwarders) dedicated to contain only information about Deployment Server and Indexers to deploy to all the target servers (no inputs): in this app there will be only three files:

• apps.conf, containing the name of the app,
• outputs.conf containing the addresses of Indexers,
• deploymentclient containing the address of the Deployment Server.

for more infos you can also see my answer https://community.splunk.com/t5/Deployment-Architecture/How-to-set-up-new-deployment-server-in-a-clu...

Ciao and happy splunking.

Giuseppe