Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to migrate Heavy Forwarder from Windows server to Linux Server

Jagadeesh2022
Path Finder
‎11-12-2022 10:09 AM

Hi All,

Currently we are using 3 Heavy Forwarder in Windows server. Due to budget problem we are planning to move all HF to Linux server. 

Kindly guide and suggest how to move HF from Windows to Linux. 

How to copy to already installed apps and existing settings and configuration files from windows to Linux?

Thank in advance for your reply.

 

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-12-2022 05:35 PM

Splunk config files and most apps are platform-agnostic.  The files can be copied directly from %SPLUNK_HOME%/etc/system to $SPLUNK_HOME/etc/system and from %SPLUNK_HOME%/etc/apps to $SPLUNK_HOME/etc/apps.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎11-13-2022 01:18 AM

Hi @Jagadeesh2022,

as @richgalloway said, you can use the same configurations passing from Windows to Linux, you have only to put attention on to issues:

  • if you have to read local files, you have to change the path ("/" instead of "\") of the files to read,
  • you need of TA-Linux instead TA-Windows to monitor the machine. 

One addition information: You said that you have to change for budget reasons, in general, I hint to use Linux instead Windows in all the servers to run Splunk: I never saw large Splunk production infrastructures using Windows!

Ciao.

Giuseppe

Reply
Solved! Jump to solution

Jagadeesh2022
Path Finder
‎11-15-2022 08:37 AM

Thank you @gcusello 

0 Karma
Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-12-2022 05:35 PM

Splunk config files and most apps are platform-agnostic.  The files can be copied directly from %SPLUNK_HOME%/etc/system to $SPLUNK_HOME/etc/system and from %SPLUNK_HOME%/etc/apps to $SPLUNK_HOME/etc/apps.

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

Jagadeesh2022
Path Finder
‎11-15-2022 08:37 AM

Thank you @richgalloway 

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...