Hi all, We use Splunk and Splunk Forwarder for our project. Splunk is installed on EC2 and Forwarder is part of our installation package. So when clients install our app, it's installed with Splunk Forwarder. So, our question how can we protect Splunk Forwarder from uninstalling by user in this case? For our app, we use uninstall password, a user needs to enter password for removing it. Or, maybe does exist someway to say to a user, this Splunk Forwarder is a part of our app, when he will try to remove it? Or, maybe in our situation we need to use an another way for forwarding logs to Splunk (w/o Splunk Forwarder)?
... View more