Re: How to troubleshoot why our command to install...

CaptainHook · ‎05-10-2016

We have been running msiexec.exe /i "c:\SFTPRoot\splunkforwarder-x.x.x-xxxx-x64-release.msi" AGREETOLICENSE=Yes /quiet to install a Splunk forwarder on our firewall servers that do not have RDP access; However, of recent, we are running into an issue where this command is not working anymore and we are not receiving any indication as to why it fails.

Does anyone have experience with doing this type of restricted install and/or Windows command line ideas?

Thank you in advance.

bsachitano · ‎05-10-2016

Add logging to your command to see why it's failing.

Try running:

msiexec.exe /i "c:\SFTPRoot\splunkforwarder-x.x.x-xxxx-x64-release.msi" /L C:\logfile.txt

Then evaluate the file.

CaptainHook · ‎05-10-2016

I had since tried that by running this:

msiexec.exe /i "C:\Users\srvHPOM\Downloads\ splunkforwarder-x.x.x-xxxx-x64-release.msi" /L*V C:\Users\srvHPOM\Downloads\myinstall.log" AGREETOLICENSE=Yes

It was unsuccessful and wrote a log with 0b.

bsachitano · ‎05-10-2016

OK, Try this to see if it writes a log.:

msiexec.exe /i "splunkforwarder-x.x.x-xxxxx-x64-release.msi" ALLUSERS=1 /qn /norestart /log output.log AGREETOLICENSE=Yes

I had issues with several machines when using an auto-deployer like SCCM or PDQ Deply. I got back messages saying the product was already deployed, when it really wasn't.

CaptainHook · ‎05-10-2016

Thank you very much. I will try this when I get a moment today and let you know.

sloshburch · ‎06-13-2016

Any luck?

How to troubleshoot why our command to install a Splunk Forwarder via CLI for Windows Firewall is no longer working?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases