Absolutely - this is quite a big challenge to update all the deploymentclient.conf on all the forwarders. A remote script which iterates through all the forwarders is what we do. Now, if some of the forwarders are on Windows and some on Linux, AIX, Solaris, the script needs to be pretty evolved...

Our environment is Windows, RedHat and Solaris so not the easy solution I was looking for.
:)

Could you use the old DS ip address on the new one?
In this way you solve your problems
Bye.
Giuseppe

@phillipmadm, look, you need this type of scripts anyway...

If this answer satisfies your question, please accept or upvote it.
Bye.
Giuseppe

Yes it needs!
infact we used two different scripts for Linux and AIX (only just a little different, in connection!), but it's a very simple script because you have to perform only three actions:

• connect to the remote server,
• copy the new deploymentclient.conf in $SPLUNK_HOME/etc/system/local,
• run $SPLUNK_HOME/bin/splunk restart

So it's very quick to create and run these three scripts.

Check if you have something like LanDesk to deploy deploymentclient.conf to Windows servers.

Bye.
Giuseppe

We are currently using a deployment server that is replicated to a new datacenter. We can standup the replicated server with a unique address but I do not see in the referenced link where we can point existing machines to the IP. A script to update the deploymentclient.conf is valid but writing one that parses out the various operating systems in our environment is challenging with the current staffing levels. Manual seems to be the way to go.