Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Instructions for installing windows forwarder for Splunk Cloud?

Cuyose
Builder
‎09-23-2015 08:42 AM

the documentation does not have windows instructions for configuring the forwarder on a windows machine to communicate with your instance in splunk cloud. It merely says download and run the app, which I assume means put the credentials install file on the target windows machine you want to monitor and run it from the installed forwarders etc/bin directory" Well I did this and nothing happened.

Has someone come up with a step by step guide for doing this yet?

0 Karma
Reply

Cuyose
Builder
‎09-23-2015 02:15 PM

We had to change permissions on the installed forwarder directory and all subdirectory and files then edit the command in the instructions so it would work in windows. after that we needed to take the resulting config and auth files and put them into the etc/system/local directory for it to work. None of that was in the instructions however.

Reply

andrewb_splunk
Splunk Employee
Splunk Employee
‎09-23-2015 02:27 PM

Thank you for pointing out the shortcomings in the documentation and adding your solution here. We will get to work on clarifying these things in the docs!

0 Karma
Reply

malmoore
Splunk Employee
Splunk Employee
‎09-23-2015 02:27 PM

Were you getting a file permission error when attempting to run the commands on the forwarder? We will be updating the instructions to include steps for Windows hosts, but I am curious as to what made you have to "change permissions on the installed forwarder directory." You should not have to do that normally. Thanks.

0 Karma
Reply

andrewb_splunk
Splunk Employee
Splunk Employee
‎09-23-2015 12:30 PM

If you are using Splunk Cloud self-service look for the Universal Forwarder app that is installed in your Splunk Cloud deployment. It should contain additional instructions for getting your forwarder to communicate with Splunk Cloud.

0 Karma
Reply

Cuyose
Builder
‎09-23-2015 01:19 PM

It does not provide any additional instructions for configuring a windows agent . If you could please send me those instructions I would appreciate it.

0 Karma
Reply

andrewb_splunk
Splunk Employee
Splunk Employee
‎09-23-2015 12:30 PM

Hi Cuyose, the Splunk Cloud documentation (http://docs.splunk.com/Documentation/SplunkCloud/SplunkCloud/User/AddDataUnivFrwrder) provides links to instructions for installing a Universal Forwarder on both Windows and non-Windows systems. If you have looked at the docs already and find that they don't have the information you need, do let us know. Thanks!

0 Karma
Reply

Cuyose
Builder
‎09-23-2015 12:30 PM

I have installed the forwarder but there are no instructions for getting it to communicate to the Cloud Indexer.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...

Developer Spotlight with Mika Borner

From Hackathon Winner to Enterprise Leader    Mika Borner, CEO and Founder of Datapunctum AG, has been ...

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

To help practitioners build a stronger foundation, we launched the Data Management & Federation ...