Deployment Architecture
Highlighted

Issues with deployment updating apps

Path Finder

I am trying to setup a deployment server for all of my other forwarders on the network. I am trying to test to see if the deployment is working correctly so I put an updated copy of the search app in the etc/deployment-apps folder. I unarchived the file and put that folder in the deployment-apps folder. I cant seem to get the updated version sent out to my other forwarders. There are no firewall issues and I am going from a windows server to another windows server as a test before I add my other linux and windows servers to the client list. Here are my configs:

Deployment Server:

[Global]
repositoryLocation = C:\Program Files\Splunk\etc\apps
continueMatching = True
restartSplunkd = True
blacklist.0 = *

[serverClass:AppsByMachine]
filterType = whitelist
repositoryLocation = C:\Program Files\Splunk\etc\deployment-apps
whitelist = enabled
whitelist.0 = IP Address
whitelist.1 = IP Address

[serverClass:AppsByMachineType:app:Search]
machineTypes = windows-intel
stateOnClient = enabled

Deployment Client:

[deployment-client]
disabled = false
workingDir = $SPLUNK_HOME/var/run/deploy-client
serverEndpointPolicy = acceptAlways

[target-broker:deploymentServer]
targetUri= IP Address:Port

Both config files are in the correct place on each server. Why isn't this working?

0 Karma
Highlighted

Re: Issues with deployment updating apps

SplunkTrust
SplunkTrust

Maybe this sample can help? I'm not using every option you are above but the basics may help.

[global] whitelist.0=*

[serverClass:lightforwarders] whitelist.0=*

[serverClass:lightforwarders:app:SplunkLightForwarder] machine-type=windows-intel stateOnClient=enabled restartSplunkd=true

[serverClass:winEvt] whitelist.0=*

[serverClass:winEvt:app:winEvt] machine-type=windows-intel stateOnClient=enabled restartSplunkd=true

[serverClass:winEvt:app:winEvtDC] whitelist.0= whitelist.1= stateOnClient=enabled restartSplunkd=true

0 Karma
Highlighted

Re: Issues with deployment updating apps

SplunkTrust
SplunkTrust

Looks like my config didn't come across completely:

[global]
whitelist.0=*

[serverClass:lightforwarders]
whitelist.0=*

[serverClass:lightforwarders:app:SplunkLightForwarder]
machine-type=windows-intel
stateOnClient=enabled
restartSplunkd=true

[serverClass:winEvt]
whitelist.0=*

[serverClass:winEvt:app:winEvt]
machine-type=windows-intel
stateOnClient=enabled
restartSplunkd=true

[serverClass:winEvt:app:winEvtDC]
whitelist.0=abc.mydomain.com
whitelist.1=def.mydomain.com
stateOnClient=enabled
restartSplunkd=true

0 Karma
Highlighted

Re: Issues with deployment updating apps

Path Finder

That did not seem to work. It didn't seem to do anything. I have just looked on the deployment server under the deployment server class status and see that under applications that there is only a little rectangle, and no actual apps, if that helps.

0 Karma
Highlighted

Re: Issues with deployment updating apps

Splunk Employee
Splunk Employee

You should look into enabling DEBUG level logging of DeploymentClient class using the CLI, then see what the client is being told his classes should be in splunkd.log: http://www.splunk.com/base/Documentation/4.1.6/Admin/ContactSupport#Enable_debug_messages_from_the_C...

You can also enable DEBUG on the DeploymentServer class on the server.

0 Karma
Highlighted

Re: Issues with deployment updating apps

Motivator

I would begin troubleshooting this by removing the repositoryLocation = C:\Program Files\Splunk\etc\apps line from the [global] stanza.

Also keep in mind that machineTypes only gets applied if no clients are matched via white/blacklist filters (see docs). The whitelist settings in [serverClass:AppsByMachine] may interfere with this.

0 Karma