Hi - I am trying to deploy the universal forwarder to Linux. We have Altiris to deploy both the script and the package and a service account on the machines we want to deploy to. So I don't need a complete end-to-end script that I've been seeing all of the splunk answers board when researching this.
What my issue with this script at the moment is that no matter how I structure it, it always prompts to create a user yet the "edit user" command is in the splunk documentation to configure the user.
Any ideas or a workaround to this? I could be understanding something wrong so feel free to re-work this if you think I am approaching it incorrectly.
#!/bin/sh
tar xvzf /tmp/splunkforwarder-8.0.0-1357bef0a7f6-Linux-x86_64.tgz -C /opt
/opt/splunkforwarder/bin/splunk edit user admin -password fakepassword -auth admin:fakepassword --accept-license --answer-yes
/opt/splunkforwarder/bin/splunk enable boot-start -user serviceaccount
/opt/splunkforwarder/bin/splunk set deploy-poll "172.16.182.76:8089"
↧