Solved: Is there a way to install Universal Forwarder back...

zymeworks · ‎01-18-2024

Hi Everyone,

Due to an issue we had with our Universal Forwarder not visible on Splunk cloud, we uninstalled the app from manage apps section.

Reason to remove the universal forwarder app was as we couldn't find the forward option under data inputs which is strange. So we tried to reinstall the app to the cloud but, App is no longer visible in All Apps.

Is there any way to reinstall the Universal Forwarder App to Splunk Cloud?

Thank you

acharlieh · ‎01-18-2024

So the first screenshot you have is actually within the Universal Forwarder app... Assuming that the app wasn't recreated by Splunk's automation, and that it's not a case of you or one of your fellow admins didn't set the app invisible, also assuming that someone didn't actually just remove permissions from the app, I think logging a support case would be your best course of action.

View solution in original post

acharlieh · ‎01-18-2024

So the first screenshot you have is actually within the Universal Forwarder app... Assuming that the app wasn't recreated by Splunk's automation, and that it's not a case of you or one of your fellow admins didn't set the app invisible, also assuming that someone didn't actually just remove permissions from the app, I think logging a support case would be your best course of action.

Is there a way to install Universal Forwarder back to Splunk Cloud, after installation?

using Splunk Cloud

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases