Hi! So I set up a F5 Load Balancer and listed all of my Splunk search heads as pool members.
Apparently the load balancer performs a health check, and therefore, requires a health monitor URI and a health monitor response!
So I'm consulting you guys, which URI and response should I use? It's just a simple request and response to check if my search head is up. With the default configurations my server is considered down, of course.
I have no experience with load balancers so please be gentle.
This is older but looks like it never got a solid answer. The easiest solution is to perform a simple port check.
I don't use F5, but the haproxy equivalent is such:
server shca101 :8000 weight 1 maxconn 2000 check port 8000 ssl verify none
server shca102 :8000 weight 1 maxconn 2000 check port 8000 ssl verify none
server shca103 :8000 weight 1 maxconn 2000 check port 8000 ssl verify none
Before sending traffic to any of the search heads the load balancer verifies that port 8000 is active. Assuming your web UI is using the default port 8000 of course.
Hi @agentsofshield ,
The simplest method is to configure an http monitor to check the service.
Select http as the health monitor and set
GET /\r\n as your send string in properties. This is very basic check but should work