Deployment Architecture

How to search what universal forwarder version and machine type my hosts are running and save this as a report?

pil321
Communicator

The Deployment Monitor gives you some good information and the Forwarder Manager gives you some good info as well. But, they don't let you save the information they collect as a report.

So, I would like to be able to do a search to find out what version universal forwarder my hosts are running (which Deployment Monitor does) AND what machine type they are running (which Forwarder Management does) AND be able to save the search as a report (which the Search & Reporting app does). I can't get a peek as to how the apps get this information, since they don't give you a way to open them in search mode.

1 Solution

mkinsley_splunk
Splunk Employee
Splunk Employee

We highly recommend you use the Splunk on Splunk app S.o.S instead of Deployment Monitor. If you haven't already, try it out. You'll really like what you see.

In order to see what searches have been run , no matter what app you're in, click on the Activity menu and choose Jobs from the dropdown. From here you will be able to see the exact search that was run. Please note the context dropdowns (filtered by app and owner). If you click on the search text (it shows up as a link), it will open in the search view.

View solution in original post

mkinsley_splunk
Splunk Employee
Splunk Employee

We highly recommend you use the Splunk on Splunk app S.o.S instead of Deployment Monitor. If you haven't already, try it out. You'll really like what you see.

In order to see what searches have been run , no matter what app you're in, click on the Activity menu and choose Jobs from the dropdown. From here you will be able to see the exact search that was run. Please note the context dropdowns (filtered by app and owner). If you click on the search text (it shows up as a link), it will open in the search view.

Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...