Is there a search or btool command we can run from...

Ruski88 · ‎05-17-2016

Per this root certificate issue expiring in July and https://answers.splunk.com/answers/395886/for-splunk-enterprise-splunk-light-and-hunk-pre-63.html

Is there a search or btools command to run from the deployment server to view all clients that will be affected, creating table with a list of all client versions?

We have many deployment clients and we need to know which ones need attention.

masonmorales · ‎05-18-2016

Yes. Check out the forwarder reports included in: https://splunkbase.splunk.com/app/2678/

mtranchita · ‎05-17-2016

Lots of variables but an oversimplified rough cut would be to make a lot of assumptions and look at what is recorded in the metrics log.
Try the following search and then clean it up to suit your needs:

index=_internal source=\*metrics.lo\* group=tcpin_connections version=* | table hostname version

Is there a search or btool command we can run from the deployment server to list all deployment client Splunk versions?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

Is there a search or btool command we can run from the deployment server to list all deployment client Splunk versions?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem