Getting Data In

Is it possible to create a deployment package of universal forwarder with complete configuration?

sathyajith_tekd
Engager

Hello,

Is it possible to create a package of Splunk universal forwarder with the complete configuration so that I can deploy through SCCM since I have more than 150 windows servers?

0 Karma

FrankVl
Ultra Champion

Have a look at the UF documentation, which has a chapter on how to do installs like that: http://docs.splunk.com/Documentation/Forwarder/7.0.2/Forwarder/InstallaWindowsuniversalforwarderremo...

Post back here if that still leaves any specific questions!

0 Karma

tiagofbmm
Influencer

Yes it is possible and recommended for coherency between your forwarders.

One of the most important configurations, the deploymentclient.conf that allows to later control everything from the deployment server.

Put that in an app org_all_deploymentclient with deploymentclient.conf in the /local directory and your're good to go.

All subsequent actions can be done through Deployment Server

0 Karma

sathyajith_tekd
Engager

Once I install the forwarder then only i can use deployment server to install apps and config right.For 70 server how is it possible to deploy universal forwarder.Is it any way to create fully configured package.

0 Karma

tiagofbmm
Influencer

Can you use an Ansible Playbook with the Splunk Installation and a copy of the app to all the servers?

Have you got any mass deployment tool?

0 Karma

sathyajith_tekd
Engager

I have an System Center Configuration Manager (SCCM)

0 Karma

tiagofbmm
Influencer

Well then for each server, put the installer in each machine, untar it, start splunk, copy the app that contains the deploymentclient.conf, restart splunk and you're done.

Any further doubts about it?

0 Karma

tiagofbmm
Influencer

Please let me know if the answer was useful for you. If it was, accept it and upvote. If not, give us more input so we can help you with that

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...