Splunk Cloud Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to connect a heavy forwarder to Splunk Cloud?

Dayane_tr
Path Finder
‎06-22-2022 02:19 PM

Hello,

I have a linux machine where Splunk Enterprise is installed and I would like to use Heavy forwarder to send the files to the cloud.

How do I install the "app"(splunkclouduf.spl)  from the cloud instance in Splunk Enterprise? 

I don't have access to the Splunk Enterprise web interface, only access to the linux machine.

Regards

Labels (2)
Tags (2)
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎06-25-2022 01:55 AM

I never remember the proper syntax, but it's either

/opt/splunk/bin/splunk app install app_package.spl

or

/opt/splunk/bin/splunk install app app_package.spl

 

0 Karma
Reply

Roy_9
Motivator
‎06-25-2022 01:00 AM

@Dayane_tr  After the untar is done as rich suggested, you should open a FW connection from HF to Splunk Cloud(basically will be as inputs*.abc.splunkcloud.com) something like that on port 9997.

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-22-2022 05:18 PM

Install the app like you would install any other app on the command line.  Untar the file to $SPLUNK_HOME/etc/apps then restart the HF.

tar -zxf splunkclouduf.spl -C /opt/splunk/etc/apps
---
If this reply helps you, Karma would be appreciated.
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...