Splunk Search

Is there a search or btool command we can run from the deployment server to list all deployment client Splunk versions?

Ruski88
Engager

Per this root certificate issue expiring in July and https://answers.splunk.com/answers/395886/for-splunk-enterprise-splunk-light-and-hunk-pre-63.html

Is there a search or btools command to run from the deployment server to view all clients that will be affected, creating table with a list of all client versions?

We have many deployment clients and we need to know which ones need attention.

0 Karma

masonmorales
Influencer

Yes. Check out the forwarder reports included in: https://splunkbase.splunk.com/app/2678/

0 Karma

mtranchita
Communicator

Lots of variables but an oversimplified rough cut would be to make a lot of assumptions and look at what is recorded in the metrics log.
Try the following search and then clean it up to suit your needs:

index=_internal source=\*metrics.lo\* group=tcpin_connections version=* | table hostname version
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...