We have two deployment servers that live in DMZ's. For this reason I am not allowed access to the web port from my local system. The license server /Monitoring console does have access to both on 8089. Is there some way that I can run a search from the license server that would return results similar to the forwarder management screen?
I was playing around with
|rest /services/deployment/server/clients count=0 splunk_server=https://DMZDEPLOY1:8089
But this does not work.
I was also toying with the idea of putting in some cron jobs that output to files that would then be picked up by the indexers.. Like
/opt/splunk/bin/splunk list deploy-clients
However, I don't know how I would get around the authentication piece of this. Plus I don't like posting passwords in clear text in a cron job..
Yes, you can either use the API to get this information or enable remote CLI (disabled by default i believe).
You will need to make sure the admin password is changed and that you have enabled remoteCLI in the config.
The other options is to write your own script using bash with curl or some python.
Your first example will only work if your deployment server is a search peer of the search head.
| rest /services/deployment splunk_server=mySplunkServer
mySplunkServer should be typed as shown is splunk_server in interesting fields
As a followup to @bmacias84 comment, you need to have access to the REST/Management endpoint on both those hosts in the DMZ in order to use REST based commands, or any of the API related SDKs. Out of the box this is TCP/8089.