Bash Script to trigger splunk restart if the hostn...

surajsplunkd · ‎12-18-2023

Host value in below file gets changed automatically every now and then. Can you help me write a bash script which can check the host value every 5min and if the value is different than the actual hostname as in "uname -n". It will automatically correct the host value, save the file and then restart splunk service automatically?

cat /opt/splunk/etc/system/local/inputs.conf

[default]
host=iorper-spf52

tscroggins · ‎12-31-2023

Hi @surajsplunkd,

If the host is restarted or the forwarder service is restarted when the hostname changes, you can configure Splunk to manage this case automatically by setting host = $decideOnStartup. See https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf#GLOBAL_SETTINGS for more information.

Restarting Splunk when an online hostname change occurs is distribution dependent.

Bash Script to trigger splunk restart if the hostname gets automatically changed.

administration

using Splunk Enterprise

.conf24 | Day 0

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector