Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to set Execute rights for shell scripts on Windows Forwarder Management?

schose
Builder
‎03-06-2015 02:58 AM

Hi all,

I'm using Forwarder Management on a Splunk instance running on Windows. I've created an app to get some data inputs running shell scripts. When I distributed the app to the forwarders, the execute attribute -x is not set on the scripts, so they don't get executed. When manually setting the scripts using chmod 755 *.sh the inputs are generated.

Is there a way I could set the execute rights on the App for Linux inputs? Are there any post copy scripts i could execute after the app is deployed from Forwarder Management?

Cheers,

Andreas

0 Karma
Reply

esix_splunk
Splunk Employee
Splunk Employee
‎03-08-2015 05:35 AM

As mentioned, if you are using a *Nix based Deployment Server and pulling from Windows Machines, the permissions will not get copied over.

Your best bet here is to set execution rights on the $splunk_home/etc/apps folder, and enable "Inherit Permissions" with execute bit set. This should set the execution bit on all folders above $splunk_home/etc/apps. One side note to this, it does set execute on all files. If you are running a secured windows box, this might not be ideal.

In that case, you best bet would be to write a powershell script that will set execute on $splunk_home/etc/apps/*/bin/, and cron that to run frequently, or manually run this everytime you push an updated app..

Reply

mcronkrite
Splunk Employee
Splunk Employee
‎03-07-2015 10:14 AM

You can't do this to Windows Forwarders from a Linux Deployment server. You need a Windows Deployment Server to manage windows permissions / environment.

0 Karma
Reply

muebel
SplunkTrust
SplunkTrust
‎03-06-2015 07:25 PM

There is probably some utility to modify the permissions for the shell script while on a Windows system, but if I were you I would copy the file to a linux system, chmod it, then put it back into place on the deploy server.

Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...