Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

steps to move universal forwarder from oracle database server to other without loosing any app config/setting

mahenreddy
New Member
‎04-03-2020 07:50 PM

I am new to splunk, can i get advice on moving splunk universal forwarder from one db host to another.
I am looking for options where i don't have to configure whole lot on the target.

I tried SPLUNK HOME tar ball to target server, change the hostname in .conf files. I see the data coming but i don't see the
sourcetype options , tags, dashboards

Thanks

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mguhad
Communicator
‎04-04-2020 07:31 AM

Hi,
If it is simply a universal forwarder:
1.Ensure that the new db host has the same source paths for the files it is monitoring as the old one
2.Ensure the deployment server is up to date with the client (that way, once the UF phones home under new db host, it can simply push the same app out again to resume service as usual....the caveat being the new db host has the same exact input.conf stanzas as the old db you are moving from)
3. Install the forwarder on the new db host
4. Point the forwarder to the deployment server : ./splunk set deploy-poll <deploymentserver>:8089
5. Once the forwarder is phoning home from the new db host, attach the same apps & serverclass as previous db forwarder and push out to the client - ./splunk reload deploy-server

Once the new forwarder begins to send data to the indexers, the dashboards and other knowledge objects should begin populating as per usual witht the previous setup.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mguhad
Communicator
‎04-04-2020 07:31 AM

Hi,
If it is simply a universal forwarder:
1.Ensure that the new db host has the same source paths for the files it is monitoring as the old one
2.Ensure the deployment server is up to date with the client (that way, once the UF phones home under new db host, it can simply push the same app out again to resume service as usual....the caveat being the new db host has the same exact input.conf stanzas as the old db you are moving from)
3. Install the forwarder on the new db host
4. Point the forwarder to the deployment server : ./splunk set deploy-poll <deploymentserver>:8089
5. Once the forwarder is phoning home from the new db host, attach the same apps & serverclass as previous db forwarder and push out to the client - ./splunk reload deploy-server

Once the new forwarder begins to send data to the indexers, the dashboards and other knowledge objects should begin populating as per usual witht the previous setup.

0 Karma
Reply
Solved! Jump to solution

mahenreddy
New Member
‎04-14-2020 02:11 AM

Thanks a lot . Everything is working fine.

0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎04-14-2020 05:28 AM

@mahenreddy If your problem is resolved then please accept the answer to help future readers.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Solved! Jump to solution

mahenreddy
New Member
‎04-05-2020 04:15 AM

Thanks a lot for detailed reply.

0 Karma
Reply
Solved! Jump to solution

mahenreddy
New Member
‎04-14-2020 10:44 AM

Thanks for the detailed step by step explanation . It resolved the issue.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...