Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to troubleshoot why our command to install a Splunk Forwarder via CLI for Windows Firewall is no longer working?

CaptainHook
Communicator
‎05-10-2016 07:00 AM

We have been running msiexec.exe /i "c:\SFTPRoot\splunkforwarder-x.x.x-xxxx-x64-release.msi" AGREETOLICENSE=Yes /quiet to install a Splunk forwarder on our firewall servers that do not have RDP access; However, of recent, we are running into an issue where this command is not working anymore and we are not receiving any indication as to why it fails.

Does anyone have experience with doing this type of restricted install and/or Windows command line ideas?

Thank you in advance.

0 Karma
Reply

bsachitano
Explorer
‎05-10-2016 07:23 AM

Add logging to your command to see why it's failing.

Try running:

msiexec.exe /i "c:\SFTPRoot\splunkforwarder-x.x.x-xxxx-x64-release.msi" /L C:\logfile.txt

Then evaluate the file.

0 Karma
Reply

CaptainHook
Communicator
‎05-10-2016 09:50 AM

I had since tried that by running this:

msiexec.exe /i "C:\Users\srvHPOM\Downloads\ splunkforwarder-x.x.x-xxxx-x64-release.msi" /L*V C:\Users\srvHPOM\Downloads\myinstall.log" AGREETOLICENSE=Yes

It was unsuccessful and wrote a log with 0b.

0 Karma
Reply

bsachitano
Explorer
‎05-10-2016 10:21 AM

OK, Try this to see if it writes a log.:

msiexec.exe /i "splunkforwarder-x.x.x-xxxxx-x64-release.msi" ALLUSERS=1 /qn /norestart /log output.log AGREETOLICENSE=Yes

I had issues with several machines when using an auto-deployer like SCCM or PDQ Deply. I got back messages saying the product was already deployed, when it really wasn't.

0 Karma
Reply

CaptainHook
Communicator
‎05-10-2016 11:10 AM

Thank you very much. I will try this when I get a moment today and let you know.

0 Karma
Reply

sloshburch
Ultra Champion
‎06-13-2016 01:28 PM

Any luck?

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...