How to test a linux forwarder connection to deploy...

Lwoods · ‎06-14-2023

Hello,

I've completed the following:

1. Installed Linux forwarder.

2. Assigned ownership and permissions to splunk user and group

3. started splunk and accepted license

4. entered admin credentials

5. typed in "./splunk enable boot-start -systemd-managed 1 -user splunk -group splunk.

6. typed in "./splunk set deploy-poll mysplunkservertest.com:8089

7. Verified deployment.conf file and the uri

8. restarted splunk.

Now, how do I test the connection from the forwarder to the deployment server?

thanks

richgalloway · ‎06-14-2023

Step 5 must be performed by root.

Verify the deployment server (DS) is running. Confirm the UF is allowed by the network to connect to the DS.

Check splunkd.log on the UF for messages from the "DC" component to confirm the UF is able to connect or for any errors attempting to connect.

If successful, you should see the UF in the DS. Go to Settings->Forwarder Management.

---
If this reply helps you, Karma would be appreciated.

How to test a linux forwarder connection to deployment server?