- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- How to use Deployment server on unix server with w...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to use Deployment server on unix server with windows clients
Hi,
My environment contains central splunk server installed on Suse server. It collects the logs from universal forwarders from windows servers. I want to use deployment server on suse server and push my configurations to all the windows servers. Is this possible. Or only windows splunk server can push the configurations to windows forwarders.
Regards
Harry
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is absolutely possible. We use one deployment server on CentOS, to deploy to both Linux and Windows servers. Apps are, when all is said and done, just aggregations of text files. As for your issue of permissions, that is a matter for the individual Splunk instances on the target servers. The source of the deployment will have very little to do with it. The permissions are inherited from the Splunk process receiving the configuration. If the Splunk process is running as a different UID from the original installer, it's going to have permission issues.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the response. What I am seeing is as follows:
Deploy server=Windows 2008R2
Heavy Forwarder=Debian.
When I deploy the Splunk on Splunk app from the Windows box to Linux, the Python scripts do not retain their execute flag.
I installed heavy forwarder as root. Splunkd is running as root. I can chmod the files after deployment. I have seen others that have tried to do this with scripts, but the posts were a couple of years old.
What you state about the process having the rights makes me wonder what I might be missing.
Can you elaborate on the rights that the process needs?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Doesn't matter - Linux deployment server should work just fine with any client regardless of OS.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
WIll the apps that are deployed from the Linux server have the proper file rights in the Windows environments? Going the other way (from Windows to Linux) creates file rights issues with the scripts in the deployed apps on the Linux forwarders. I am thinking of replacing the Windows deployment server with Linux if this will solve the issue. Can you confirm this?
Introducing the Splunk Community Dashboard Challenge!
Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...
Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...
