I want to build an indexer, search head, and deployment server on our own (not Splunk's ) AWS VPC. The overall question is, how do I configure an On-Prem Intermediate Forwarder (HWF) to connect to the Cloud version of the indexer? Just looking for a general answer, I don't know what our Cloud service offering provides (VPN, SSL etc etc). ... View more

Simply put, I have a group of about 700 Linux Boxes that I use Deployment Server with for over a year. Works great. I recently was trying to add another group of 8 new servers by installing the Universal Forwarder and wanted to manage with my legacy Deployment Server. I know I can change 8089 to anything I want on both sides, but can the Deployment Server comm over two separate ports 8089 and, lets say, 8099? I know you can change 8089 in the web.conf, but can you configure one ServerClass to comm over 8089 and another to comm over 8099? Already tried to "strong arm" the group that owns the 8 servers. Told them that our requirement is to have 8089 free, and that they need to make it happen first. Bosses talked to Bosses and I got chewed out. No worries, I've been chewed out before. I also know I can change my legacy DS to comm over 8099 and config all my other 700 servers to accommodate these 8, but that is less than ideal. I also don't want a completely separate DS for these 8 servers. Can I use IPTables at my legacy DS to map anything over 8099 to 8089? Will this hose the existing 700 Boxes listening over 8089? Also, If this is a viable solution accepted by, you, the community of SMEs, please understand I am not a Linux Admin by any stretch, but I am sure I can hack the settings. However, if someone can help me with the commands, I'd be grateful. Here is what Google is telling me: --iptables -A INPUT -i eth0 -p tcp --dport 8099 -j ACCEPT --iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT --iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 8099 -j REDIRECT --to-port 8080 Should work. Thanks Dazzed ... View more