Installation
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Scripting to Download UniversalForwarder- What URL and header information syntax for login do I need?

klint
Engager
‎05-23-2023 09:34 PM

Hi,

I work for a company that has Splunk used on Servers. it is governed by a main team, however the installation of Universal Forwarder is up to the individual teams, as a result, the version needs update from time to time.

I am in the process of automating all software version downloads the platform I maintain uses and was wondering if there is a known way to connect with the splunk site and download the latest version of UniversalForwarded via script. I use powershell but could try translate other scripts if there is a method. 

any info on URL and any header information syntax for login I need is appreciated

Thank you

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-23-2023 10:16 PM

Hi @klint ,

if you're speaking of windows servers, you can use GPO to deploy UF updates from a copy that you downloaded from the Splunk Site.

If you're speaking of Linux servers, you have to use a script that you can find in the Community always downloading from a copy from the Splunk Site..

At the moment, there isn't a procedure or a tool released by Splunk to update a Forwarder directly from the Splunk site.

There are two apps developed by Community members to update UF using the Deployment Server, in the meantime Splunk is releasing the feature of updating the UF directly from Deployment Server and it will be released if few time (I hope!), for more infos you can see at Splunk Ideas.

Ciao.

Giuseppe

0 Karma
Reply

klint
Engager
‎05-23-2023 10:47 PM

Thanks for getting back to me Giuseppe

What you have said would work for installing but that still requires me to download the copy every month. I am hoping for an automated solution to download it every month so i can leave it to an automated process .

Trying to automate as much as possible and remove manual work

 

 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-23-2023 10:57 PM

Hi @klint ,

No there isn't an automation to download the latest version of UF, also beacuse the UF update is usually an activity to manualy do, to have a greater control.

You could propose this to Splunk Ideas.

Ciao.

Giuseppe

Reply

isoutamo
SplunkTrust
SplunkTrust
‎05-24-2023 01:34 AM

Hi

I think that this https://github.com/ryanadler/downloadSplunk can help you with your journey to automatic load needed splunk version.

r. Ismo

Reply

RMcCurdyDOTcom
Explorer
‎01-29-2024 08:50 AM

 

got nasty gram for posting links

search online for freeload101 github in scripts Splunk_UniversalForwarder_Installer.bash

Tags (1)
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...