Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Are there any ideal exceptions where DS has to be on windows when most of the servers are windows?

jonwick
Path Finder
‎10-17-2020 12:46 PM

We are planning to have DS linux based which would be used to deploy majorly on Windows servers and few Linux based servers.

Are there any exceptions where DS has to be kn Windows to push apps?

Will my Linux based  DS suffice for all(windows+linux) UFs???

We would be using DS to deploy only on UFs, no indexers, search heads in the context.

Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-17-2020 05:55 PM

Hi @jonwick,

there isn't any requirement to have a DS with the same operative system of the most clients to deploy.

I always use Linux DS in my projets.

Because you deploy Splunk apps and TAs that are indipendent by the os you're using on the Forwarders.

About using DS also for Indexers and Search Head, you could but in my opinion isn't a good idea:

at first if you have a cluster (SHs or IXs) you cannot use DS, you have to use Deployer (for SHs) and Master Node (for IXs); 

then if you haven't a cluster, it means that you haven't many servers, so I prefer to manually update them, also because, using DS, you have to restart Splunk after updates and you cannot schedule restarts using DS (manually you can!) and this could be unacceptable for a production environment.

Ciao.

Giuseppe

View solution in original post

Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-17-2020 05:55 PM

Hi @jonwick,

there isn't any requirement to have a DS with the same operative system of the most clients to deploy.

I always use Linux DS in my projets.

Because you deploy Splunk apps and TAs that are indipendent by the os you're using on the Forwarders.

About using DS also for Indexers and Search Head, you could but in my opinion isn't a good idea:

at first if you have a cluster (SHs or IXs) you cannot use DS, you have to use Deployer (for SHs) and Master Node (for IXs); 

then if you haven't a cluster, it means that you haven't many servers, so I prefer to manually update them, also because, using DS, you have to restart Splunk after updates and you cannot schedule restarts using DS (manually you can!) and this could be unacceptable for a production environment.

Ciao.

Giuseppe

Reply
Solved! Jump to solution

isoutamo
SplunkTrust
SplunkTrust
‎10-18-2020 06:57 AM
Actually there is one restriction for DS. You cannot use windows based DS for any other OS clients than windows. If you have other than windows clients then you must use Linux based DS which works with other OS too.
r. Ismo
Reply
Get Updates on the Splunk Community!

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...