|
I have a regularly scheduled job which generates a log-file which I then use my local splunk light-forwarder to send to a remote splunk instance with splunk add oneshot $LOG_FILE -sourcetype $SOURCE This ends up requiring authentication. I know that I could hard-code a "-auth user:pass" argument into the script as well, but I'd prefer to not do that and instead be able to just disable authentication on the local host for splunk cli access. Is there a way to do this? |
|
Just dump the file in a batch directory such as $SPLUNK_HOME/var/spool/splunk. This does not require authentication, and you can control the sourcetype, source, etc with dynamic metadata assignment: http://www.splunk.com/base/Documentation/latest/Admin/Assignmetadatatoeventsdynamically |
I actually think this would be useful as well, something like kerberos's kadmin.local binary.