how to know app is synced between deployments-serv...

s0rbeto · ‎10-14-2015

i have a deployment-server and 3000 clients, i made changes to one of the app, and it should pushed to all the forwarder agents which is associated with the app.

Here comes my challenge, what if i have no access to those servers at all? No RDP, and no SSH. I got _internal log, how i can tell if the client picked up the changes i made?

All comments and suggestions are welcome, just want to know how people deal with this situation

Thank you! Cheers!

MuS · ‎10-14-2015

Hi s0rbeto,

index=_internal on your deployment server will provide such information for the last 30 days (that's the default retention for this index). If you search like this:

index=_internal sourcetype=splunkd deployedapplication

you will get a nice bunch of information out of it.

Hope this helps ...

cheers, MuS

s0rbeto · ‎10-19-2015

right, i knew this but lets say you make changes to certain app "Splunk_TA", supposingly the client should pick up whatever changes and restart splunkd. How you can tell if the client already pick up the recently modified changes?
Thanks

how to know app is synced between deployments-server and clients without RDP nor ssh into client servers

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!

Join the Conversation

how to know app is synced between deployments-server and clients without RDP nor ssh into client servers

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Congratulations to the 2025-2026 SplunkTrust!