Open Tamerz opened 6 months ago
After a little more research I can see the full user name and group name is NT SERVICE\SplunkForwarder
as reported by Puppet.
i am facing similar issues -
but i have legacy clients trying to update setting this param in hiera or equivalent seems to work for me albeit a bit janky
splunk::forwarder::splunk_user: 'NT SERVICE\SplunkForwarder'
not sure about "clean" installs yet
Affected Puppet, Ruby, OS and module versions/distributions
How to reproduce (e.g Puppet code you use)
include puppet::forwarder
What are you seeing
The Linux package uses
splunkfwd
as the default user and group names. On Windows,SplunkForwarder
is used for the user and group names. This causes the module to fail setting file permissions.What behaviour did you expect instead
Output log