Deployment Architecture

Deployment server firewall rules

EricPartington
Communicator

I am planning to use the deployment server functionality of Splunk 4.2. I am trying to pin down all the firewall rules and directions that will be required to make all the components of Splunk work.

Is the deployment server a push from server to client, or are there client-to-server initiated communications (call home, checkups)? Do these use the same 8089 (or configured) port that a distributed search head and indexer would use to communicate?

What about the master license server? What ports does it use to transfer/poll for licensing information? What is the direction of that network flow? (pull from master or push from slave?)

1 Solution

hazekamp
Builder

With respect to deployment client-server, the client is responsible for contacting the server. The port for this is configurable based on splunkd of your deployment server but would default to 8089.

See also: http://www.splunk.com/base/Documentation/latest/Deploy/Aboutdeploymentserver

With respect to License slaves I believe they work similarly to deployment clients (contacting License master via splunkd 8089 by default).

See also: http://www.splunk.com/base/Documentation/latest/Admin/Configurealicenseslave
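
Added example (not part of the original post or of Splunk's documentation): a small shell generator that turns the flow direction described in the answer into iptables rules for the host running the deployment server / license master. The client ranges are constructed, the function names are hypothetical, and the rules assume the host's INPUT and OUTPUT chains otherwise default to DROP.

```shell
#!/bin/sh
# Added example: print iptables rules for the host running the deployment
# server / license master. Clients dial in; no rule lets the server dial out.
SPLUNKD_PORT=8089   # default splunkd management port named in the answer

# valid_cidr ADDR[/PREFIX]: succeed only for a dotted-quad IPv4 range.
valid_cidr() {
    addr=${1%%/*}; prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# emit_rules PORT CLIENT_RANGE...: validate everything, then print rules.
emit_rules() {
    port=$1
    case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi
    shift
    [ $# -ge 1 ] || { echo "no client ranges given" >&2; return 1; }
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "bad range: $cidr" >&2; return 1; }
    done
    for cidr in "$@"; do
        # Inbound: clients open the connection (deployment poll, license check).
        echo "iptables -A INPUT -p tcp -s $cidr --dport $port" \
             "-m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
        # Outbound: replies on established connections only.
        echo "iptables -A OUTPUT -p tcp -d $cidr --sport $port" \
             "-m conntrack --ctstate ESTABLISHED -j ACCEPT"
    done
    # Everyone else is refused on the management port.
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Constructed client ranges, for illustration only.
emit_rules "$SPLUNKD_PORT" 10.20.0.0/16 192.168.50.7
```

Nothing is emitted unless every argument validates, so the output can be reviewed or piped to a root shell without a half-applied rule set.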
