Other Usage
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Version check

uagraw01
Builder
‎09-22-2021 05:54 AM

Hello Splunkers!!

 

How to check the version of all the add-ons we  are using on heavy forwarders. Like DB connect, solarwinds and so on by using any rest command in splunk.

 

Thanks in Advance.

 

 

Labels (1)
Labels
Tags (1)
0 Karma
Reply

uagraw01
Builder
‎09-22-2021 11:16 AM

@gcusello @aasabatini  Why i was asked this question. Because i am upgrading my all the heavy forwarders and all the add-ons we have configured on HFs. So i need to make plan. I have to make compatible metrics also to support latest HF version with the latest version of add-ons. If there is any recommended approach then please let me know.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-23-2021 12:00 AM

Hi @uagraw01,

about Splunk version, you could also use the Monitoring Console to have them.

About Add-Ons, you could use a Deployment server to deploy Add-Ons to the HFs so, you'll be sure about the version of all Add-Ons and you'll be able to centrally manage them.

Ciao.

Giuseppe

0 Karma
Reply

aasabatini
Motivator
‎09-22-2021 06:00 AM

Hi @uagraw01 

 

you can run this search directly on the HF

| rest splunk_server=local /services/apps/local | search update.version=* | table title version update.version

 

or you can run this search on the search head but you need to specify the hf server

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”
Reply

uagraw01
Builder
‎09-22-2021 11:18 AM

@aasabatini From the search head it is not working while i am mentioning any hf name.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-22-2021 05:58 AM

Hi @uagraw01.,

please try this:

| rest /services/apps/local
| table label version disabled

Ciao.

Giuseppe

Reply

uagraw01
Builder
‎09-22-2021 05:59 AM

@gcusello but how to check in which heavy forwarder which add-ons are installed and what is the current add-on version

Tags (1)
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-22-2021 06:05 AM

hi @uagraw01,

sorry I forgot to say that you have to run this search on each Heavy Forwarder or add splunk_server:

| rest /services/apps/local splunk_server=<hostname>
| table label version disabled

Ciao.

Giuseppe

Reply

gcusello
SplunkTrust
SplunkTrust
‎09-22-2021 07:40 AM

Hi @uagraw01,

sorry I forgot that this option is only for search peers.

You can run that search only on the Heavy Forwarders.

You could eventually schedula that search saving results in a csv file (with outputcsv command at the end) and then read that file and send it to Splunk using a file input.

Ciao.

Giuseppe

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-22-2021 12:09 PM

If/when (you really should) have a MC you could add all HFs as peers to it and create separate groups for those. Then you could use @gcusello ‘s rest query with splunk_server=<your group name here> To get this information from one place.

There is already idea for separate role for HFs / intermediate gateway forwarders in ideas.splunk.com, which could work better than add those as peers.

r. Ismo

Reply

uagraw01
Builder
‎09-22-2021 11:08 AM

@gcusello Yes i think i have to put this command on every heavy forwarder individually because we are using Splunk cloud.

0 Karma
Reply

uagraw01
Builder
‎09-22-2021 07:26 AM

@gcusello The last search is not working while i am using any hostname there.

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...