Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Universal Forwarder installation on Kubernetes On-premises

vijreddy30
Loves-to-Learn Everything
‎01-24-2024 05:22 AM

Hi Team,

My requirement is Universal Forwarder installation on Kubernetes On-premises system.

 

Please send me guide on installation on Kubernetes. 

 

 

 

Labels (2)
Labels
0 Karma
Reply

datadevops
Path Finder
‎01-28-2024 02:28 AM

Hi there,

Option 1: Deployment Operator

  • The Splunk Kubernetes Operator simplifies UF deployment and management. Check out the official guide: <invalid URL removed>

Option 2: Manual Deployment

  • For more control, follow these steps:
    1. Create Pod spec: Define a Pod spec with the UF container image and configurations. Use inputs.conf and outputs.conf for log forwarding rules.
    2. Deploy using kubectl: Apply the Pod spec using kubectl apply.
    3. Manage resources: Use kubectl commands to scale, update, or delete the UF deployment.

Additional Tips:

  • Consider using a DaemonSet for wider deployment across nodes.
  • Secure your deployment with pod security policies and network policies.
  • Explore Fluent Bit for advanced log processing and routing within Kubernetes.

Remember:

  • Choose the option that best suits your needs and expertise.
  • Refer to Splunk documentation and community resources for detailed instructions and troubleshooting.

~ If the reply helps, a Karma upvote would be appreciated

0 Karma
Reply
Get Updates on the Splunk Community!

What’s New & Next in Splunk SOAR

Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us on ...

Your Voice Matters! Help Us Shape the New Splunk Lantern Experience

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...