In this video I will walk through configuring a deployment server to push out the Splunk Unix/Linux technology add-on (TA) and the Windows TA to my connected endpoints.
I will demonstrate using the command line to point the endpoints to the deployment server. After that, you will see me jump into Splunk Web and build out the server classes and attach them to apps that will be deployed.
Along with the two supported Splunk apps, I will also create custom apps that will deploy both inputs and outputs configuration files. This will allow me to have a standard configuration for endpoints when they connect to my Splunk environment.
This video is the groundwork for follow-on videos that will dive deeper into collecting metrics data and searching that data.
Splunk documentation links:
Splunk Deployment Server documentation:
https://docs.splunk.com/Documentation...
Configure the Universal Forwarder to connect to a deployment server:
https://docs.splunk.com/Documentation...
Configure forwarding with outputs.conf:
https://docs.splunk.com/Documentation...
Splunk Add-on for Microsoft Windows:
https://splunkbase.splunk.com/app/742
Splunk Add-on for Unix and Linux:
https://splunkbase.splunk.com/app/833