All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Possible to forward results from Splunk for Asset Discovery App to Splunk Cloud?

cjbischoffmck
New Member
‎07-22-2014 12:25 PM

Would it be possible to run this application in the following fashion -

On local/on-premise machines perform the scanning - then using the local forwarder to send results to Splunk in the Cloud (where the app is installed?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

mw
Splunk Employee
Splunk Employee
‎07-22-2014 12:52 PM

Yes it is. It's really just a simple matter of configuring the universal forwarder (your scanner) to forward to your cloud-based server (possibly through an intermediate forwarder). Really, there are a number of options for deployment topologies, but certainly a hybrid on-prem/cloud topology in a general sense is one of them. Here's a link to the forwarder documentation: http://docs.splunk.com/Documentation/Splunk/6.1.2/Forwarding/Aboutforwardingandreceivingdata .

I would also encourage you to get in touch with sales@splunk.com to engage your local sales team who can assist you in determining the correct architecture for your requirements.

These links may also be of interest:
http://www.splunk.com/web_assets/pdfs/secure/Splunk_for_Amazon_Web_Services.pdf
http://www.splunk.com/view/cloud/SP-CAAAG58

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

mw
Splunk Employee
Splunk Employee
‎07-22-2014 12:52 PM

Yes it is. It's really just a simple matter of configuring the universal forwarder (your scanner) to forward to your cloud-based server (possibly through an intermediate forwarder). Really, there are a number of options for deployment topologies, but certainly a hybrid on-prem/cloud topology in a general sense is one of them. Here's a link to the forwarder documentation: http://docs.splunk.com/Documentation/Splunk/6.1.2/Forwarding/Aboutforwardingandreceivingdata .

I would also encourage you to get in touch with sales@splunk.com to engage your local sales team who can assist you in determining the correct architecture for your requirements.

These links may also be of interest:
http://www.splunk.com/web_assets/pdfs/secure/Splunk_for_Amazon_Web_Services.pdf
http://www.splunk.com/view/cloud/SP-CAAAG58

0 Karma
Reply
Solved! Jump to solution

cjbischoffmck
New Member
‎07-22-2014 02:34 PM

Installed on the local machine (syslog server with Splunk Forwarder installed) Performed post configuration - restarted Splunk. How do I check if the inputs.conf is correct?

$SPLUNK_HOME/bin/splunk list monitor doesnt show the script to be executed - just show the files being monitored.

0 Karma
Reply
Solved! Jump to solution

mw
Splunk Employee
Splunk Employee
‎07-22-2014 02:04 PM

That's correct. On-prem, each "scanner" would have the Splunk universal forwarder installed with forwarding configured, as well as the Asset Discovery app with its scripted inputs enabled. The cloud would consist of your Splunk server which also has the same app installed and "receiving" enabled.

0 Karma
Reply
Solved! Jump to solution

cjbischoffmck
New Member
‎07-22-2014 01:59 PM

I am guessing I will need to install the app both cloud and on-premise. Downloading the application to see the internals - thanks

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...