Forge Home

Modules

Resources

PuppetEcosystemPuppet CommunityUpdates

splunk

Manage and deploy Splunk servers and forwarders
Project URLRSS FeedReport issues

14,401 downloads

8,944 latest version

2.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 3.0.2 (latest)
  • 3.0.1
  • 3.0.0
  • 2.0.1
  • 2.0.0
  • 0.3.0
  • 0.2.0
released Jun 16th 2015
This module has been deprecated by its author since May 15th 2020.

The author has suggested puppet-splunk as its replacement.

Start using this module

Tags: logging, splunk, windows

Documentation

seteam/splunk — version 3.0.2 Jun 16th 2015

Deprecated

This module is no longer maintained and is deprecated in favor of its successor, puppetlabs/splunk.

New users should download puppetlabs/splunk or Splunk modules from other contributers. The seteam/splunk module will be removed in future.

Overview

This module provides a method to deploy Splunk Server or Splunk Universal Forwarder with common configurations and ensure the services maintain a running state.

This module does not configure firewall rules. Firewall rules will need to be configured separately in order to allow for correct operation of Splunk and the Splunk Universal Forwarder. Additionally, this module does not supply Splunk or Splunk Universal Forwarder installation media. Installation media will need to be aquired seperately, and the module configured to use it.

Installation & Setup

To begin using this module, use the Puppet Module Tool (PMT) from the command line to install this module:

puppet module install seteam-splunk

This will place the module into your primary module path if you do not utilize the --target-dir directive.

Once the module is in place, there is just a little setup needed.

First, you will need to place your downloaded splunk installers into the files directory, <module_path>/splunk/files/. The files must be placed according to directory structure example given below.

The expected directory structure is:

  `-- files
      |-- splunk
      |   `-- $platform
      |       `-- splunk-${version}-${build}-${additl}
      `-- universalforwarder
          `-- $platform
              `-- splunkforwarder-${version}-${build}-${additl}

A semi-populated example files directory might then contain:

  `-- files
      |-- splunk
      |   `-- linux
      |       |-- splunk-4.3.2-123586-linux-2.6-amd64.deb
      |       |-- splunk-4.3.2-123586-linux-2.6-intel.deb
      |       `-- splunk-4.3.2-123586-linux-2.6-x86_64.rpm
      `-- universalforwarder
          |-- linux
          |   |-- splunkforwarder-4.3.2-123586-linux-2.6-amd64.deb
          |   |-- splunkforwarder-4.3.2-123586-linux-2.6-intel.deb
          |   `-- splunkforwarder-4.3.2-123586-linux-2.6-x86_64.rpm
          |-- solaris
          |   `-- splunkforwarder-4.3.2-123586-solaris-9-intel.pkg
          `-- windows
              |-- splunkforwarder-4.3.2-123586-x64-release.msi
              `-- splunkforwarder-4.3.2-123586-x86-release.msi

Second, you will need to supply the splunk::params class with three critical pieces of information.

  • The version of Splunk you are using
  • The build of Splunk you are using
  • The root URL to use to retrieve the packages

In the example given above, the version is 4.3.2, the build is 123586, and the root URL is puppet:///modules/splunk. See the splunk::params class documentation for more information.