Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Deploying across multiple OS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
I have a network with Windows and Linux Systems mixed.
It is not possible to seperate them or create IP ranges.
Now for me it is important to know if a app deployed for Windows causing problems on a Linux machine? And if a Windows Systems get a app deployed for Linux?
The App for Windows Systems is collecting PerfMon data and the App for Linux is monitoring directories.
Is there a way to check the operating system before roll out the app? I want to avoid that Windows systems get the apps for the Linux Systems and the same for Linux.
Thanks in advance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sure, have a look at http://docs.splunk.com/Documentation/Splunk/latest/Deploy/Definedeploymentclasses
In particular you want to look at machineTypes, here you can define the machine type. To find your machine type have a look at this from the serverclass.conf documentation;
# client machineTypes can also be used to match clients.
# This setting lets you use the hardware type of the deployment client as a filter.
# This filter will be used only if a client could not be matched using the whitelist/blacklist filter.
# The value for machineTypes is a specific string that is designated by the hardware platform itself.
# The method for finding this string on the client itself will vary by platform, but if the deployment client
# is already connected to the deployment server, you can determine what this string is by using this
# Splunk CLI command on the deployment server:
# <code>./splunk list deploy-clients</code>
# This will return a value for <code>utsname</code> that you can use to
# specify <code>machineTypes</code>.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sure, have a look at http://docs.splunk.com/Documentation/Splunk/latest/Deploy/Definedeploymentclasses
In particular you want to look at machineTypes, here you can define the machine type. To find your machine type have a look at this from the serverclass.conf documentation;
# client machineTypes can also be used to match clients.
# This setting lets you use the hardware type of the deployment client as a filter.
# This filter will be used only if a client could not be matched using the whitelist/blacklist filter.
# The value for machineTypes is a specific string that is designated by the hardware platform itself.
# The method for finding this string on the client itself will vary by platform, but if the deployment client
# is already connected to the deployment server, you can determine what this string is by using this
# Splunk CLI command on the deployment server:
# <code>./splunk list deploy-clients</code>
# This will return a value for <code>utsname</code> that you can use to
# specify <code>machineTypes</code>.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
thanks for that! Splunk rocks 😉
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Automating Threat Operations and Threat Hunting with Recorded Future
Keep the Learning Going with the New Best of .conf Hub
Splunk Community Badges!
