Deployment Architecture

Forwarder auth

bauron
Explorer

I see in the documentation that, when activating a forwarder on the CLI, you pass "-server server:port -auth user:pass". How would I do this in a configuration file? I'm guessing server.conf in $SPLUNK_HOME/etc/apps/SplunkForwarder/local/server.conf but I'm not sure.

Thanks!

Tags (3)
0 Karma

yannK
Splunk Employee
Splunk Employee

Using the configuration file it will be in $SPLUNK_HOME/etc/system/local/outputs.conf or
$SPLUNK_HOME/etc/apps/<myapp>/local/outputs.conf, like:

[tcpout]
defaultGroup=my_indexers 

[tcpout:my_indexers]
server=mysplunk_indexer1:9997, mysplunk_indexer2:9996

See the documentation at:

http://docs.splunk.com/Documentation/Splunk/4.3.2/Deploy/Configureforwarderswithoutputs.confd

yannK
Splunk Employee
Splunk Employee

Ok, so puppet is different.
I would recommend to build a recipe to:
1- push or edit your configuration (outputs.conf)
2- restart the splunk forwarders to apply.

Another solution is to manage the configuration using the API, but it require auth too, like the CLI

0 Karma

bauron
Explorer

Hmm, I misunderstood earlier. I want to make sure that the forwarder is not only enabled but also started:
splunk add forward-server : -auth :

Is there a place to do this in the config files? I'm trying to control Splunk with Puppet and having the user:pass in a manifest is not ideal.

0 Karma

yannK
Splunk Employee
Splunk Employee

the -auth option on the CLI command line is used to avoid typing the admin/user password every time. (useful if you script the CLI configuration)
./splunk add monitor "/var/log/" -auth admin:changeme
When editing the config file you don't need it.

bauron
Explorer

Thanks for the reply! What about the -auth part, though?

0 Karma
Get Updates on the Splunk Community!

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability As businesses scale ...