Automating Splunk Configuration Mark Phillips
Splunk user group - automating Splunk with Ansible
May 10, 2015
A talk I gave at the London Splunk User Group in July of 2014. A brief overview of why choose Ansible over the other options, then some live demos of configuring certain bits of Splunk with Ansible. Intended to be a taster of what's possible. All the Ansible playbooks are shared on Github, the link to which is in the presentation.
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Automating Splunk Configuration
Mark Phillips
Topics• Which tool?
• Demo: Configuration storage
• Demo: Enabling forwarding
• Demo: Installing and managing forwarders
• Demo: Maintaining apps
About Me
• Linux tinkerer since 1992
• Automating stuff since 1993
• “Done time” in small organisations through to Investment Banks
• I’m lazy
–Albert Einstein
“Make everything as simple as possible, but not simpler”
Infrastructure as code
Ansible• Agent less
• SSH for transport
• Common language - YAML
• Easy to learn quickly
Learn More• Slides from DevOps Cardif (Puppet vs Chef vs Ansible)
• Blog post I wrote last year
• Splunk's recent blog on Splunk + Ansible
• Get started with Ansible
El Reg: "Are your servers PETS or CATTLE?"
(The Splunk GUI is fine for managing a small estate)
(But as you get larger, really you need more help: automation)
Demos
Github repo used to build the demos: http://github.com/phips/splunkbox/tree/jldemo
Related Documents
