Solved: How do I locate the captain on a search head clust...

jldebell · ‎05-13-2015

I can't find the documentation about locating the captain, but I need to do a rolling restart. The docs mention it has to be initiated from the captain. Please advise.

Thanks, Jennifer

jldebell · ‎05-13-2015

The information is in docs.

splunk show shcluster-status -auth username:password

http://docs.splunk.com/Documentation/Splunk/6.2.3/DistSearch/SHCdeploymentoverview#4._Initialize_clu...

View solution in original post

jmervine · ‎01-31-2019

If you're trying to get the captain for programatic purposes, as I am, you can either use the API, like so:

curl -s -XGET -u "admin:${SPLUNK_PASSWORD}" \
    "https://${SPLUNK_ENDPOINT}/services/shcluster/status?output_mode=json" | \
  jq -r '.entry[0].content.captain.label'

Or if you can't install jq, you can do something like:

/opt/splunk/bin/splunk show shcluster-status -auth 'admin:${SPLUNK_PASSWORD}' | \
  grep label | head -n1 | cut -d ":" -f2 | xargs

How do I locate the captain on a search head cluster?

Re: How do I locate the captain on a search head cluster?

Re: How do I locate the captain on a search head cluster?