Hello Splunk Experts,
I'm working on networking device integration with Splunk. I'm considering using OneBox universal forwarder to receive the application deployment from Splunk server. Here are the steps I have in mind, and I have question for every step :(. Appreciate share your experience/insights on this with me.
1. Install Splunk App ( GUI & backend scirpts/libs ) to Splunk server, with wizard input from user, generating some configuration files for splunk forwarders and backend scripts.
QUESTION: Based on user input, Individual endpoints may have completely different configs, is there any example, apps I can reference to acheive that ?
2. COPY/PUT what I need in forwarder to from apps/ to deployment-apps so I can have all the stuffs ready on selected forwarders.
QUESTION: Can I add some link, button on Application frontend GUI to trigger this backend operation ?
3. Forwarder monitor the data output and send to Splunk server, but need to help me to trigger backend scripts first to start to collect the data
QUESTION: How Can I start, schedule external script at forwarder boot ?
Best Regards,
Yanyu
↧