Deployment Architecture

How can I automate the data on-boarding process?

Path Finder

I have Splunk Universal Forwarder installed on RHEL. I have hundreds of stanzas manually written in $SPLUNKHOME/etc/apps//default/ to facilitate log data on-boarding from sources on the network (our Splunk PS configured it this way initially). Can this process be automated so that when new systems are introduced on the network they can be detected, and a new stanza be written/current stanza be updated manually?

Tags (1)
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Using the Splunk Threat Research Team’s Latest Security Content

REGISTER HERE Tech Talk | Security Edition Did you know the Splunk Threat Research Team regularly releases ...

SplunkTrust | 2024 SplunkTrust Application Period is Open!

It's that time again, folks! That's right, the application/nomination period for the 2024 SplunkTrust is ...