diff --git a/applications/itd/splunk/module.nix b/applications/itd/splunk/module.nix
index 3c841fb..30dcb19 100644
--- a/applications/itd/splunk/module.nix
+++ b/applications/itd/splunk/module.nix
@@ -45,7 +45,7 @@ in {
     };
 
     # might not be required
-    #    networking.firewall.allowedTCPPorts = [8089];
+    networking.firewall.allowedTCPPorts = [8089];
 
     # set up the core files
     systemd.services."${name}_prestart" = {
@@ -137,21 +137,31 @@ in {
       ];
       path = with pkgs; [util-linux toybox];
       serviceConfig = {
-        Type = "oneshot";
-        User = cfg.user.user;
-        Group = cfg.user.group;
-        TimeoutSec = "infinity";
-        Restart = "on-failure";
-        #        WorkingDirectory = "${cfg.package}/share/gitlab";
-        #        Slice = "system-gitlab.slice";
-        RemainAfterExit = true;
-
+        Type = "simple";
+        Restart="always";
         Environment = "SPLUNK_HOME=${cfg.user.home}";
         ExecStart = "${package}/bin/splunk  _internal_launch_under_systemd";
-
-        # no so sure about these
+        KillMode="mixed";
+        KillSignal="SIGINT";
+        TimeoutStopSec=360;
+        LimitNOFILE=65536;
+        LimitRTPRIO=99;
+        SuccessExitStatus="51 52";
+        RestartPreventExitStatus=51;
+        RestartForceExitStatus=52;
+        User = cfg.user.user;
+        Group = cfg.user.group;
         NoNewPrivileges = "yes";
         AmbientCapabilities = "CAP_DAC_READ_SEARCH";
+
+        # ExecStartPre=-/bin/bash -c "chown -R splunk:splunk /opt/splunkforwarder"
+        Delegate="true";
+#         CPUShares=1024;
+#         MemoryLimit=3973632000;
+        PermissionsStartOnly="true";
+        # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/cpu/system.slice/%n"
+        # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/memory/system.slice/%n"
+        
       };
     };
   };