I'm trying to install Splunk UF through an MDM onto windows 10 but i'm running into an issue with the AGREETOLICENSE flag...it does not agree. Running the command below on the command line exits immediately with no errors and no installation.
msiexec.exe /i C:\Windows\Temp\splunkforwarder-6.5.1-f74036626f0c-x64-release.msi RECEIVING_INDEXER="xxxxxxxxxx:xxxx" WINEVENTLOG_SEC_ENABLE=1 WINEVENTLOG_SYS_ENABLE=1 MONITOR_PATH=“C:\ProgramData\osquery\logs\osqueryd.results.log” AGREETOLICENSE=yes /quiet
When I remove the /quiet flag the UniversalForwarder Setup window opens and I have to "Check this box to accept the License Agreement" to continue and it does install.
I've tried stripping everything out of the command to msiexec.exe /i C:\Windows\Temp\splunkforwarder-6.5.1-f74036626f0c-x64-release.msi AGREETOLICENSE=yes with the same result, no agreement on the license. Any suggestions on how to trouble shoot this?
... View more
I'm a total newb to both Meraki and Splunk...not sure if this is a Meraki or a Splunk question...
I've been sifting through Meraki syslogs with Splunk and creating searches and dashboards but I'm unsure of what I should search for to get usage and bandwidth data out of the logs into a useable/readable form. What I want to accomplish is to get a dashboard that will show AP and switch usage (Mb/s) over a 24hr period, number of clients per AP over a 24hr period, essentially mimic the Meraki network summary report but through syslog/Splunk.
... View more