Hi there
New here to using Splunk; we are looking to use the Splunk Universal Forwarder to forward Windows event logs to a Splunk server.
I have installed the forwarder on a Win10 client and I can see events coming into Splunk, which is great!
Is there any way that I can tweak the Universal Forwarder on the client PC to not forward some events such as Information logs and Audit Success, and possibly stop forwarding all the text from the event such as the description and all that?
Trying to be as lean as possible with these events really.
Thanks
This may be what you're looking for: https://docs.splunk.com/Documentation/Splunk/8.2.2/Data/MonitorWindowseventlogdata#Create_advanced_f...
Has anyone got sample config files for the Windows TA that I could use to test, or a simple guide on how to set it all up with the blacklists and filtering applied, etc.?
Thanks
Thanks for this, but everything I see seems to be about when you use the Windows TA app, etc. All I really want is to have SplunkUniversalForwarder on all desktops. Then we will create some dashboards of our own. Is there a way to limit what the forwarder sends to the Splunk indexer?
I'm new to all of this also 🙂
Thanks
If you can't use the Windows TA for some reason, at least download it to see how it works. It's just a collection of config files so it should be easy to use it as a model for your own configuration.
Hi,
I can use the Windows TA; it just seems you need to set up a deployment server, etc., and I really didn't want this as the infrastructure is VDI. All I wanted was to put one agent on a golden image and then push this out to all clients.
After configuring the Windows TA and all the config files, is there a way to deploy this to the end clients without having to have the deployment server, etc.?
Thanks
Just copy the app to etc/apps on your Splunk image. Same thing as deploying said app.
Just be forewarned: you lose the ability to do any updates after deployment using a DS. If there are any required changes... problem.
You can also use a config management tool like Chef, Ansible, Puppet etc.
If networking is an issue: have the indexer(s) and DS on the same host, as that then only requires a single destination IP to ports 8089 and 9997.
"Just copy the app to etc/apps on your Splunk image. Same thing as deploying said app."
So copy the Win TA folder to the client PC, then it should work?
Sorry, a little confused with it all.
I have a Splunk server with the Windows TA installed, and the config files all set up, etc.
What do I need to copy from the Splunk server to the Windows clients? I have SplunkUniversalForwarder on the client PC, but there is no Windows TA folder on that client PC, is there?
Thanks
Yes, copy the directory to the forwarder's etc/apps.
You can use the blacklist settings in inputs.conf to drop undesired events.
Please search for "discard events" on Answers. Many posts explaining how to do what you require.
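For readers who want to see what the inputs.conf blacklisting mentioned in this thread looks like on the forwarder, here is an added example. It is not from this thread or from the Splunk Windows TA itself: the key names follow the inputs.conf spec, the app directory name is a placeholder, and the exact match values (Type, Keywords, EventCode) are assumptions that should be checked against the fields you actually see in your indexed events before relying on them.

```ini
# Added example (not from the thread or the Windows TA).
# Assumed location on the forwarder:
#   C:\Program Files\SplunkUniversalForwarder\etc\apps\my_win_inputs\local\inputs.conf
# "my_win_inputs" is a placeholder app name; any directory under etc/apps works.

[WinEventLog://Application]
disabled = 0
# blacklist<N> = <field>="<regex>"; an event matching any blacklist is dropped
# on the forwarder and never leaves the client.
# Drop Information-level events so only Warning/Error are forwarded (assumed field value).
blacklist1 = Type="Information"
# Send only the header fields (EventCode, source, user, ...), not the
# event description / message text.
suppress_text = 1

[WinEventLog://System]
disabled = 0
blacklist1 = Type="Information"
suppress_text = 1

[WinEventLog://Security]
disabled = 0
# Security log events are classified by audit keyword rather than level
# (assumed field value: Keywords="Audit Success" / "Audit Failure").
blacklist1 = Keywords="Audit Success"
# Alternative, more selective approach: drop only specific noisy codes and
# keep the rest of the successes (event codes shown are illustrative).
# blacklist2 = EventCode="4656|4658|4663|5156|5158"
suppress_text = 1
```

After copying the app to the forwarder and restarting it, confirm what configuration actually won the merge with `splunk btool inputs list --debug` from the forwarder's bin directory; a typo in a stanza name silently leaves the log unfiltered. Two caveats before going this lean: blacklisted events are discarded at the client, so there is nothing to go back to during an incident, and dropping every Audit Success removes successful logon and process-creation records that most Windows detection content depends on, so the per-EventCode variant is usually the safer trade-off.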