Hello guys,
we are going to install two Heavy Forwarders on Windows 2012 R2 servers. The remaining instances of Splunk, which build-up our distributed architecture, are running on SLES.
As usual, according to [best practices][1], I was trying to distribute our "master" splunk.secret file to new Heavy Forwarders hosted on Windows servers.
I tried to install Splunk using the following command line:
*msiexec.exe /i splunk-<...>-x64-release.msi AGREETOLICENSE=Yes WEB_PORT= DEPLOYMENT_SERVER="" LAUNCHSPLUNK=0 INSTALL_SHORTCUT=0*
As expected the "splunkd" service did not start when installation finished, but unluckily a new splunk.secret was automatically created and contents where encrypted using it.
So I tried an interactive installation with only the "LAUNCHSPLUNK=0" flag and I monitored the file system: I noticed that the splunk.secret and the encrypted files are created at the same exact time, before the service is started.
**QUESTION: is it possible to install Splunk on Windows without the creation of a new splunk.secret and the subsequent encryption of data with it, in the same way it is possible in Linux?**
Thank you!
[1]: http://wiki.splunk.com/Things_I_wish_I_knew_then
↧