- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Re: Are baseline configurations posted online?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are baseline configurations posted online?
We had Splunk professional services or a few weeks ago to assist with standing up a new deployment. At the start of the week, they provided a collection of apps, a "baseline configuration", to be customized and distributed to the proper areas throughout our environment.
Are these baseline configurations available to download somewhere?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If your PS was telling you to install apps, I’m sure it was in reference to those available at splunkbase.splunk.com which houses all sorts of apps that both Splunk and individuals have created.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No.
It was a collection of app folders which any installation could start with, customize, then distribute to the appropriate instances.
Examples:
_search_base would be deployed to all search heads, to config things like search peers.
_auth_base would be deployed to all instances to config things like LDAP settings.
I'm looking for this collection of apps, before they're customized. They have names like _search_base, _cluster_master_base,_multisite_base, etc... with replaced with your own organization label.
I can reach out to my PS guy if I have to. I just figured these packages were available somewhere.
Thanks.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Reposting my last post, 'cause some characters disappeared...
No.
It was a collection of app folders
which any installation could start
with, customize, then distribute to
the appropriate instances.Examples:
ORG_search_base would be deployed to all search heads, to config things like
search peers.ORG_auth_base would be deployed to all instances to config things like LDAP
settings.I'm looking for this collection of
apps, before they're customized. They
have names like ORG_search_base,
ORG_cluster_master_base,ORG_multisite_base, etc... with ORG replaced with your own
organization label.I can reach out to my PS guy if I have
to. I just figured these packages were
available somewhere.Thanks.
Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...
Splunk APM: New Product Features + Community Office Hours Recap!
Index This | Forward, I’m heavy; backward, I’m not. What am I?
