What do I need to install on 8 Windows machines to...

dpohli · ‎09-03-2015

I am attempting to set up 8 Windows machines to send the security logs to the Splunk Light server.
1) What exactly do i need to install on each machine?
2) Is there a command line to do it either silently or as a remote push?
3) What is the best place to see the configuration of which ports are being used?

I have searched and found fragments, not any kind of step by step instructions.

thanks for the help in advance

bohanlon_splunk · ‎09-06-2015

1) What exactly do i need to install on each machine?
Install the Universal forwarder.
http://www.splunk.com/en_us/download/universal-forwarder.html

2) Is there a command line to do it either silently or as a remote push?
Docs are here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/Chooseyourplatform#Install_the_universa...

Also here:
http://docs.splunk.com/Documentation/Splunk/6.2.5/Forwarding/DeployaWindowsdfviathecommandline
(check the "When to install from the command line?" section)

3) What is the best place to see the configuration of which ports are being used?
Read these docs: http://wiki.splunk.com/Where_do_I_configure_my_Splunk_settings%3F

Also this:
http://www.splunk.com/en_us/products/splunk-light/splunk-light-vs-splunk-enterprise.html

What do I need to install on 8 Windows machines to send security logs to Splunk Light, and how can I handle the installation and configurations remotely?

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life