- Tom Kopchak
- Apr 11, 2019
- Tested on Splunk Version: 6.0+
This series is designed to help you as you work to deploy and troubleshoot the Splunk Universal Forwarder (UF). In this portion, Tom will walk you through how to install the Hurricane Labs provided Splunk UF on one of your Windows systems.
The Hurricane Labs provided Splunk Universal Forwarder package is pre-configured for your environment, and contains all of the configuration necessary for the UF to connect to your Splunk instance and obtain additional configuration. You can deploy this package manually or through any system management tools that allow you to deploy an EXE in your environment.
Prior to installing this package, please ensure that your machine does not already have a Splunk Universal Forwarder installed. To uninstall one, please follow my Uninstall Walk-through tutorial. The Hurricane Labs provided package should only be used for clean installations, and not upgrades.
If you're looking for something different than the typical "one-size-fits-all" security mentality, you've come to the right place.