Deployment Architecture
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to migrate Heavy Forwarder from Windows server to Linux Server

Jagadeesh2022
Path Finder
‎11-12-2022 10:09 AM

Hi All,

Currently we are using 3 Heavy Forwarder in Windows server. Due to budget problem we are planning to move all HF to Linux server. 

Kindly guide and suggest how to move HF from Windows to Linux. 

How to copy to already installed apps and existing settings and configuration files from windows to Linux?

Thank in advance for your reply.

 

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-12-2022 05:35 PM

Splunk config files and most apps are platform-agnostic.  The files can be copied directly from %SPLUNK_HOME%/etc/system to $SPLUNK_HOME/etc/system and from %SPLUNK_HOME%/etc/apps to $SPLUNK_HOME/etc/apps.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎11-13-2022 01:18 AM

Hi @Jagadeesh2022,

as @richgalloway said, you can use the same configurations passing from Windows to Linux, you have only to put attention on to issues:

  • if you have to read local files, you have to change the path ("/" instead of "\") of the files to read,
  • you need of TA-Linux instead TA-Windows to monitor the machine. 

One addition information: You said that you have to change for budget reasons, in general, I hint to use Linux instead Windows in all the servers to run Splunk: I never saw large Splunk production infrastructures using Windows!

Ciao.

Giuseppe

Reply
Solved! Jump to solution

Jagadeesh2022
Path Finder
‎11-15-2022 08:37 AM

Thank you @gcusello 

0 Karma
Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-12-2022 05:35 PM

Splunk config files and most apps are platform-agnostic.  The files can be copied directly from %SPLUNK_HOME%/etc/system to $SPLUNK_HOME/etc/system and from %SPLUNK_HOME%/etc/apps to $SPLUNK_HOME/etc/apps.

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

Jagadeesh2022
Path Finder
‎11-15-2022 08:37 AM

Thank you @richgalloway 

0 Karma
Reply
Get Updates on the Splunk Community!

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...

New Splunk Innovations Enhance Performance and Accelerate Troubleshooting

Splunk is excited to announce new releases that empower ITOps and engineering teams to stay ahead in ever ...
li.common.scroll-to.top