Time
1 hour 59 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
In this module three video, we'll be installing a universal forwarder.
00:04
As a review, a universal forwarder gets installed on the machine you want to collect data from and forwards it on to be indexed and used.
00:13
There are other ways to get data into Splunk, but this is a popular and useful method.
00:18
At this point, there are a few checks you should do to make sure when you install the universal forwarder, you're able to send the data you want onward.
00:26
You'll need to make sure there's a clear path of communication between
00:30
where you install the universal forwarder and your Splunk server, and other Splunk components when you decide
00:35
to break it out and add more pieces.
00:38
Splunk, by default, also uses several ports that will need to be open and allowed for Splunk to work.
00:44
You also want to make sure that the account you're using to set up *** has the necessary permissions to access the data you want to forward.
00:53
In this simple environment, you'll need ports 9997 and 8089, unless you'd like to change these from the default options.
01:02
This diagram from *** dot com is helpful at visualizing the communication path. In this video, we're focused down here
01:10
on the communication between universal forwarder, indexers and deployment server.
01:17
While it's important to know how to go through a manual installation of the universal forwarder, another option to consider when you get to a larger environment is using a deployment tool like SCCM, Ansible or Chef.
01:29
So to get started, I've got two
01:32
machines we'll be working from. This Linux box is gonna be my main Splunk server. It hosts a search head where we can log in to run searches and checks, and also functions for indexing and managing forwarders.
01:44
And then this Windows
01:47
machine is where we'll be installing the universal forwarder. To start off, I'm logged into splunk dot com. From here, we'll go to products,
01:56
free trial and downloads,
01:57
and then scroll down where we can download the universal forwarder.
02:05
I've already downloaded it to save us some time, so I'm just gonna hop into my downloads folder here
02:09
and double click on this fur on it
02:15
accept the license agreement, hit next,
02:19
create a user name and password,
02:25
and then our,
02:28
um,
02:30
like I mentioned, we're not doing a distributed environment, so our search head is
02:36
performing multiple roles, including that of a deployment server. So I put in the IP for that and the default management IP of 8089,
02:44
went next, and I'm also gonna put it here
02:46
as it works as an indexer.
02:53
Click next and install,
02:58
yes on that.
03:04
And it successfully installs. I'm gonna click finish.
03:09
And once you've done the install, something you'll probably want to do is restart the Splunk service.
03:23
I'm just gonna open this up. Scroll down to the SplunkForwarder service.
03:31
Restart that
03:38
hop back
03:39
to my Linux machine here
03:45
and we're gonna go to settings once we've logged into the Web console
03:50
and forwarder management
03:55
and it's not yet picking it up.
03:59
Sometimes it takes a second
04:04
Went in there and did a couple of refreshes. But now, under forwarder management, we can see this is the name of the host where we installed the universal forwarder. So it's successfully reporting back
04:17
to our deployment server slash search head.
04:23
So with that, we could say that we've successfully completed the activity for this video. The next video will be for Module four, where we'll be working with data.
04:34
Thanks for watching.

Introduction to Splunk

This Splunk training class is designed to quickly introduce you to Splunk and its many capabilities.

Instructed By

Natasha Staples
Incident Response Security Engineer at Arrow Electronics
Instructor