Beruflich Dokumente
Kultur Dokumente
Part I
Ensure connectivity between your servers and the splunk servers below(ping)
IP Port
Splunk Role OS
Address s
999
172.29.21 7,
CentOS 7
3.80 808
9
999
172.29.21 7,
CentOS 7
3.81 808
9
999
172.29.21 7,
CentOS 7
3.82 808
9
999
172.29.21 7,
Indexers CentOS 7
3.83 808
9
999
172.29.21 7,
CentOS 7
3.84 808
9
999
172.29.21 7,
CentOS 7
3.85 808
9
999
172.29.21 7,
CentOS 7
3.86 808
9
800
172.29.21 0,
Seach Heads CentOS 7
3.88 808
9
800
172.28.20 0,
Cluster Master CentOS 7
0.84 808
9
800
172.28.20 0,
License Master CentOS 7
0.85 808
9
Additional
Server 172.29.21
[proposed 3.87
search head]
130
Forwarder
01
Download the forwarder(https://www.splunk.com/en_us/download/universal-forwarder.html)
Use attached if its linux box Check the version uname a to know whether x86 or not and
download the right splunk fowarder
splunkforwarder-6.4.1-debde650d26e-Linux-x86_64.tgz
#copy relevant splunk forwarder installer to the server that you intend to collect
logs from
#configure forwarder
chown -R splunk:splunk splunkforwarder
#if you are using a deployment server, set it here. Otherwise ignore this
configuration
/opt/splunkforwarder/bin/splunk set deploy-poll 172.28.200.84:8089 --accept-license
--answer yes
Save the attached file (deploymentclient.conf) under (if it does not exist)
/opt/splunkforwarder/etc/system/local/deploymentclient.conf
i.e
cp /home/cmwanzia/deploymentclient.conf /opt/splunkforwarder/etc/system/local/