Forwarder Installation Script

I have created the script below to deploy forwarders to Linux servers. Hopefully it is of use to others in the community.

If you execute the script it will tell you which parameters it expects to receive.

The script expects to deploy a .tgz but could easily be tweaked to install an RPM, DEB or similar package. However in those situations I would generally look to utilise whatever package management system is available (e.g. a Satellite server for RedHat) to make patching easier.

I hope you find this helpful.

#!/bin/bash

################################################
################################################
### Splunk> Forwarder Mass Deployment Script ###
### Author:   David Anso - GKC Limited       ###
### Version:  1.0                            ###
################################################
################################################
### www.gkc.co.nz

REMOTE_HOST=$1
REMOTE_USER=$2
REMOTE_PATH="$3"
ENABLE_KEYBASED_AUTH=$4
ENABLE_BOOT_START=$5

SPLUNKFORWARDERTGZ="splunkforwarder-4.3-115073-Linux-x86_64.tgz"
INSTALLER_HOME="/home/splunker/install-forwarder/"
SPLUNKDEPLOYCLIENTCONF="deploymentclient.conf"
SSH_PUBLIC_KEY="/home/splunker/.ssh/id_rsa.pub"

cd $INSTALLER_HOME

if [ -z $5 ]
then
    echo "Usage: $0 Host User Path Enable_SSHKeys EnableBootStart"
    echo " e.g.: $0 splunkforwarder1 splunkuser /opt 1 1"
    exit 1
fi

if [ $ENABLE_KEYBASED_AUTH -gt 0 ]
then
    cat $SSH_PUBLIC_KEY | ssh $REMOTE_HOST -l $REMOTE_USER "if [ ! -e .ssh ] ; then mkdir ~/.ssh; fi ; cat \ >>~/.ssh/authorized_keys ; chmod 600 ~/.ssh/authorized_keys ;chmod 700 ~/.ssh"
    ssh $REMOTE_HOST -l $REMOTE_USER echo If you only typed the password once then key based auth is working.
fi

echo "Copying files..."
scp $SPLUNKFORWARDERTGZ $SPLUNKDEPLOYCLIENTCONF $REMOTE_USER@$REMOTE_HOST:$REMOTE_PATH
ssh $REMOTE_HOST "
    cd $REMOTE_PATH; 
    tar -xzf $REMOTE_PATH/$SPLUNKFORWARDERTGZ ;  
        rm $REMOTE_PATH/$SPLUNKFORWARDERTGZ ;
        mv $REMOTE_PATH/$SPLUNKDEPLOYCLIENTCONF $REMOTE_PATH/splunkforwarder/etc/system/local/deploymentclient.conf;
        splunkforwarder/bin/splunk start --accept-license
"

echo ""

if [ $ENABLE_BOOT_START -gt 0 ]
then
    echo "Enabling Boot Start..."
    ssh $REMOTE_HOST -t -l $REMOTE_USER "sudo $REMOTE_PATH/splunkforwarder/bin/splunk enable boot-start"
fi

Forwarder Installation Script

Trending Articles

Badly behaved grandson remanded

Practice Sheet of Right form of verbs for HSC Students

Haan Hasi Ban Gaye Lyrics Translation | Hamari Adhuri Kahani

मतलबी दोस्त स्टेट्स | Matlabi Dost Status in Hindi – Selfish Friends Status

Nokia teases with imaging-themed video ahead of MWC

bq2014H / TI Evaluation software

Moondru Mudichu 07-06-2016 – Polimer tv Serial

megane 1.5dci oil filter dimensions??

Born To Be Wild: Chicago Outfit Hit Squad Littered The Streets With Bodies...

KAYTRANADA – BUBBA (2019) [FLAC 24bit/44,1kHz]

Neem Baba Extra Questions Answer Class 6 English Poorvi

Black Angus Grilled Artichokes

मुख मैथुन से उठाएं सेक्स का भरपूर मज़ा, जानें क्या है इसका सही तरीकामुख मैथुन...

Comment on Bogus British Company “Accredits” OMICS Conferences by Marco

Microsoft Intune as an MDM server for Cisco ISE

Confirmation before powering off VM - is it possible?

St. George couple continues racking up theft-related criminal charges

Former bodybuilder found guilty of attacking ex-partner

ILLINOIS: Jeff Kallister still doing hard time for DUI conviction in killing...

Convicted criminal from Dublin admits tying up and hitting sisters