As per the Splunk doc on Deploy secure passwords across multiple servers the splunk.secret file will be automatically replicated by the Search Head captain during the initial cluster deployment.
Though Indexer cluster is entirely different to the Search Head Clustering and we have 50+ indexers in the multisite cluster, my queries are
2) you are OK, if you keep everything in plain text - but once the splunk is restarted, it will encrypt the passwords automatically.
Hi naveencardinalhealth, Thanks. I havent seen any documentation within the splunk docs. For SH Cluster, I do agree with you (https://docs.splunk.com/Documentation/Splunk/latest/Security/Deploysecurepasswordsacrossmultipleserv...) but for indexer i havent see any documentation.