Difference between revisions of "Splunk"
Jump to navigation
Jump to search
(Created page with "= Splunk forwarder = Setup splunk-forwarder agent on Linux <source lang=bash> ./splunk set deploy-poll splunk.acme.com:8089 ./splunk show deploy-poll ./splunk enable listen...") |
|||
Line 2: | Line 2: | ||
Setup splunk-forwarder agent on Linux | Setup splunk-forwarder agent on Linux | ||
<source lang=bash> | <source lang=bash> | ||
./splunk set deploy-poll splunk.acme.com:8089 | ./splunk add forward-server splunk.acme.com:9997 --accept-license --no-prompt -auth admin:changeme | ||
./splunk list forward-server | |||
./splunk set deploy-poll splunk.acme.com:8089 | |||
./splunk show deploy-poll | ./splunk show deploy-poll | ||
./splunk enable listen 9997 | ./splunk enable listen 9997 | ||
Line 10: | Line 12: | ||
./splunk set default-hostname <serverName|hostname> | ./splunk set default-hostname <serverName|hostname> | ||
./splunk show default-hostname | ./splunk show default-hostname | ||
./splunk enable boot-start | ./splunk enable boot-start | ||
</source> | </source> |
Revision as of 08:15, 19 August 2020
Splunk forwarder
Setup splunk-forwarder agent on Linux
./splunk add forward-server splunk.acme.com:9997 --accept-license --no-prompt -auth admin:changeme ./splunk list forward-server ./splunk set deploy-poll splunk.acme.com:8089 ./splunk show deploy-poll ./splunk enable listen 9997 ./splunk display listen ./splunk set servername <serverName|hostname> ./splunk show servername ./splunk set default-hostname <serverName|hostname> ./splunk show default-hostname ./splunk enable boot-start