Getting Data In
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Silent Install of UF in Linux Client Machines

anandhalagaras1
Contributor
‎11-26-2024 12:27 AM

Hi Team,

We are planning to perform a silent installation of the Splunk Universal Forwarder on a Linux client machine. So far, we have created a splunk user on the client machine, downloaded the .tgz forwarder package, and extracted it to the /opt directory.

Currently, the folder /opt/splunkforwarder is created, and its contents are accessible. I have navigated to the /opt/splunkforwarder/bin directory, and now I want to execute a single command to:

  1. Agree to the license without prompts, and
  2. Set the admin username and password.

I found a reference for a similar approach in Windows, where the following command is used:

msiexec.exe /i splunkforwarder_x64.msi AGREETOLICENSE=yes SPLUNKUSERNAME=SplunkAdmin SPLUNKPASSWORD=Ch@ng3d! /quiet

However, I couldn't find a single equivalent command for Linux that accomplishes all these steps together. Could you please provide the exact command to achieve this on Linux?

 

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

PaulPanther
Motivator
‎11-26-2024 01:09 AM

To accept the license during the start, execute:

opt/splunkforwarder/splunk start --accept-license --answer-yes

and before you start the forwarder service I suggest to create a user-seed.conf to set the admin password in clear text on the CLI.

user-seed.conf must be stored in /opt/splunkforwarder/etc/system/local/

[user_info]
USERNAME = admin
PASSWORD = YourPassword

 another method is to hash the password and add the hash to the user-seed.conf. It is described in the following doc Create secure administrator credentials - Splunk Documentation

View solution in original post

Reply
Solved! Jump to solution
Solution

PaulPanther
Motivator
‎11-26-2024 01:09 AM

To accept the license during the start, execute:

opt/splunkforwarder/splunk start --accept-license --answer-yes

and before you start the forwarder service I suggest to create a user-seed.conf to set the admin password in clear text on the CLI.

user-seed.conf must be stored in /opt/splunkforwarder/etc/system/local/

[user_info]
USERNAME = admin
PASSWORD = YourPassword

 another method is to hash the password and add the hash to the user-seed.conf. It is described in the following doc Create secure administrator credentials - Splunk Documentation

Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...
Top