All Apps and Add-ons

Install Google Maps on cluster - error with database file

charltones
Explorer

I have a 6.1 Enterprise cluster - two heads, three indexers, heavy forwarder. I'm trying to install the Google Maps app. I've installed it on the search head and on the indexers via the cluster-bundle.

I've run into what seems like this problem: http://answers.splunk.com/answers/135685/geoip-command-stops-working-after-upgrade-to-611-geoip-data...
But the suggested fix doesn't work because the path to the database file on the indexers is different to that on the head - i.e. there is no single path I can put into geoip.conf in order to make the error go away.

1 Solution

charltones
Explorer

I can answer my own question now, as I've just fixed this with help from Splunk support.

I had to do the following:

1) Install the google maps app on the search head and on the indexers - don't use the "cluster bundle" technique - actually log into the indexers and install the app that way.

2) Make the fix in this ticket http://answers.splunk.com/answers/135685/geoip-command-stops-working-after-upgrade-to-611-geoip-data... to the geopip config file on the search head only

3) Restart head and three indexers

View solution in original post

charltones
Explorer

I can answer my own question now, as I've just fixed this with help from Splunk support.

I had to do the following:

1) Install the google maps app on the search head and on the indexers - don't use the "cluster bundle" technique - actually log into the indexers and install the app that way.

2) Make the fix in this ticket http://answers.splunk.com/answers/135685/geoip-command-stops-working-after-upgrade-to-611-geoip-data... to the geopip config file on the search head only

3) Restart head and three indexers

Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...