All Apps and Add-ons

Qualys Technology Add-on (TA) for Splunk: How can I deploy this TA via CLI?

drutstein
Explorer

I want to automate the deployment of this TA on a heavy forwarder which means not pushing any credentials through the web interface. I don't have access to the web interface, this is locked down in via security groups to only allow communication on specific ports. The documentation doesn't cover how this can be done. How can I perform this configuration via CLI?

0 Karma
1 Solution

mayurr98
Super Champion

As far as I know any TA can be deploy via CLI using following command
Run the splunk install CLI command:

cd \opt\splunk\bin
.\splunk install app \splunk-add-on-for-qualys.tar.gz
App 'qualys' is installed.
After that you can do necessary configurations by going etc/apps/appname/

View solution in original post

mayurr98
Super Champion

As far as I know any TA can be deploy via CLI using following command
Run the splunk install CLI command:

cd \opt\splunk\bin
.\splunk install app \splunk-add-on-for-qualys.tar.gz
App 'qualys' is installed.
After that you can do necessary configurations by going etc/apps/appname/

drutstein
Explorer

How can I add in my credentials for the Qualys site without using the GUI? This is the key part of deployment that seems to be missing from the CLI.

0 Karma

mayurr98
Super Champion

If it is a script then you can run it by searching a file from /etc/app/appname/andlookfilesshellscript
There might be a script which you need to trigger in order to process configuration. You have to search for that shell script

0 Karma
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...