In the first part of this series, I walked you through the process of getting the Splunk Universal Forwarder installed on your Windows systems. I’ve gotten a lot of feedback asking for a similar one for Linux systems, which is what we’ll explore in this tutorial.

As mentioned in the Windows Deployment Guide, the Universal Forwarder is the best mechanism for collecting logs from servers and end-user systems. In order to collect logs at scale, it is necessary to deploy the Universal Forwarder to every system where log collection is required. Managing the deployment of the Universal Forwarder is best handled via whatever mechanism your organization uses to deploy software packages across machines in your organization. My goal for this tutorial is to show you a number of different options for deploying the Universal Forwarder on various flavors of Linux and connect that Universal Forwarder to a Splunk Deployment Server for management and configuration. In this tutorial, we’ll explore how to deploy the Splunk Universal Forwarder on a Linux machine using three different deployment methods (RPM, DEB, and TGZ) and then discuss how to connect the UF to a Splunk Deployment server.

Configure the Universal Forwarder to connect to the deployment server and retrieve configuration. The following sections will explain each of these options in more detail.

Installation Steps

Obtain the Installation Package

First, download the Splunk Universal Forwarder from Splunk’s download page. You will need a account to access the download.

For this process, you’ll want to click on the Linux tab and choose the download package (.deb/.rpm/.tgz) that you plan on using for your deployment mechanism of choice. In the event you need to download an older version of the Universal Forwarder, those packages are available on the older releases page. I’ve circled the 64-bit option, which is almost always the one you’ll want for a typical 64-bit Linux workstation or server. When downloading a Universal Forwarder, pay attention to the architecture that is supported by the package (indicated in gray). Additionally, be aware of the kernel versions that are supported as well.