Hello Splunk Experts,
I'm working on networking device integration with Splunk. Considering to use onbox universal forwarder to receive the application deployment from Splunk server. Here the steps in my mind, HAVE question for every step :(. Appreciate share your expierence/insights on this with me.
1. Install Splunk App ( GUI & backend scirpts/libs ) to Splunk server, with wizard input from user, generating some configuration files for splunk forwarders and backend scripts.
QUESTION: Based on user input, Individual endpoints may have completely different configs, is there any example, apps I can reference to acheive that ?
2. COPY/PUT what I need in forwarder to from apps/ to deployment-apps so I can have all the stuffs ready on selected forwarders.
QUESTION: Can I add some link, button on Application frontend GUI to trigger this backend operation ?
3. Forwarder monitor the data output and send to Splunk server, but need to help me to trigger backend scripts first to start to collect the data
QUESTION: How Can I start, schedule external script at forwarder boot ?
Best Regards,
Yanyu
↧