File tree Expand file tree Collapse file tree 1 file changed +16
-1
lines changed
Expand file tree Collapse file tree 1 file changed +16
-1
lines changed Original file line number Diff line number Diff line change 6262# 20250115 change sha check to warning if custom build used (because hardcoded sha wont match)
6363# 20250115 add choice to only do setup (in case installation already done but setup failed)
6464# 20250123 up to 8.0.2
65+ # 20250505 add auto workaround for outputs reload that can lead to crash
6566
66- VERSION=" 20250123a "
67+ VERSION=" 20250505a "
6768
6869SCRIPTNAME=" installes"
6970
@@ -496,6 +497,20 @@ if [ "${PROCEEDSKIPINSTALL}" == "N" ]; then
496497 # timeout not supported here
497498 # ES install/upgrade
498499 ${SPLUNK_HOME} /bin/splunk install app ${ESAPPFULL} -update true
500+
501+ A=` find /opt/splunk/etc/apps/SplunkEnterpriseSecuritySuite/install -name " Splunk_TA_ueba*spl" `
502+ # Splunk_TA_ueba-3.2.0-73256.spl
503+ echo " repackaging to add simple outputs reload in $A "
504+ ls -l $A
505+ tar -C " /tmp" $A
506+ cat << EOT >> /tmp/Splunk_TA_ueba/default/app.conf
507+ [triggers]
508+ reload.outputs = simple
509+ EOT
510+
511+ tar -C" /tmp" $A Splunk_TA_ueba
512+ ls -l $A
513+
499514 # ${SPLUNK_HOME}/bin/splunk install app ${ESAPPFULL} -update true -auth admin:${PASSWORD}
500515 # App 'xxxxxx/yyyyyy/splunk-enterprise-security_472.spl' installed
501516 # You need to restart the Splunk Server (splunkd) for your changes to take effect.
You can’t perform that action at this time.
0 commit comments