Splunk: Setting up Universal Forwarder
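# Install and configure the Splunk Universal Forwarder 9.4.2 from the .deb package.
# The first block has no sudo, so it is presumably run from a root shell
# (the systemctl lines at the end use sudo) -- confirm for your environment.

# Package file name and download location for this exact build.
pkg="splunkforwarder-9.4.2-e9664af3d956-linux-amd64.deb"
url="https://download.splunk.com/products/universalforwarder/releases/9.4.2/linux/${pkg}"

# -p: do not fail if the directory already exists.
mkdir -p /opt/splunkforwarder
# Dedicated account that will own the forwarder's files.
useradd -m splunk
cd /opt/splunkforwarder

# Plain ASCII double quotes: typographic quotes are not shell quoting and would
# become part of the URL, so the download would fail.
wget -O "$pkg" "$url"

# Integrity check before installing a package as root: print the digest and
# compare it by hand with the checksum Splunk publishes for this file.
# Expected value: <SHA512_PUBLISHED_BY_SPLUNK> (placeholder, not given on this page).
sha512sum "$pkg"

dpkg -i "$pkg"
chown -R splunk:splunk /opt/splunkforwarder

# The first start is interactive: it asks to accept the license and to create
# the admin credentials.
# NOTE(review): this runs as the invoking user; if that is root, files created
# on first start may end up root-owned despite the chown above -- check
# ownership afterwards.
/opt/splunkforwarder/bin/splunk start

# Absolute path, so this step does not depend on the current directory.
cd /opt/splunkforwarder/etc/system/local/
# outputs.conf: where events are forwarded to. Consider TLS for the link to the
# indexers so log data is not sent in clear text.
nano outputs.conf
# inputs.conf: which files and sources are collected. Forward only what is needed.
nano inputs.conf

# Restart so the edited configuration is loaded, then confirm the service is up.
# NOTE(review): assumes the SplunkForwarder.service unit exists; this listing
# does not show it being created (`splunk enable boot-start` does that) -- confirm.
sudo systemctl restart SplunkForwarder.service
sudo systemctl status SplunkForwarder.service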