Splunk Search

Is there a search or btool command we can run from the deployment server to list all deployment client Splunk versions?

Ruski88
Engager

Per this root certificate issue expiring in July and https://answers.splunk.com/answers/395886/for-splunk-enterprise-splunk-light-and-hunk-pre-63.html

Is there a search or btools command to run from the deployment server to view all clients that will be affected, creating table with a list of all client versions?

We have many deployment clients and we need to know which ones need attention.

0 Karma

masonmorales
Influencer

Yes. Check out the forwarder reports included in: https://splunkbase.splunk.com/app/2678/

0 Karma

mtranchita
Communicator

Lots of variables but an oversimplified rough cut would be to make a lot of assumptions and look at what is recorded in the metrics log.
Try the following search and then clean it up to suit your needs:

index=_internal source=\*metrics.lo\* group=tcpin_connections version=* | table hostname version
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...