UF upgrade script on Windows servers (2012, 2016, ...

santosh_scb · ‎03-02-2020

Hi Team, Currently I am working on a UF Auto installation script where the script has to automatically upgrade the UF package on all Windows boxes (that have v6.5.3) running to v7.3.4 using this script.

The script should work as below:

Check for any existing Splunk UF version on the Windows box, if it has UF v6.5.3 is already running then, stop the UF agent, upgrade the Splunk UF package - v7.3.4 (Untar the splunkforwarder.tgz) package and then start the Splunk services.

Post that it should connect to a DS (updating deploymentclient.conf) with DS and 8090 port details.

If the Windows box doesn't have any Splunk UF package installed then, the script should freshly install the UF v7.3.4 package on that Windows server and then connect to DS

Wanted to check if you have any reference shell script for the above upgrade/installation. Please note I will just use that script for reference purpose only and I won't use it directly.Request your help on this.
regards, Santosh

xavierashe · ‎03-09-2020

No need for a script. Use the command line switches.

msiexec.exe /i splunk-<...>-x64-release.msi AGREETOLICENSE=Yes DEPLOYMENT_SERVER="<host:port>" LAUNCHSPLUNK=1 /quiet

Click here for more switches.

wmyersas · ‎03-03-2020

You should probably be trying to deploy the Windows UF, and not the Linux one 🙂

santosh_scb · ‎03-08-2020

Yes, it is Windows one sorry by mistake I mentioned Linux

UF upgrade script on Windows servers (2012, 2016, 2019)

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?