I have 2 Splunk Cloud installations located in different regions (due to politics).
I would like to enable distributed search between the 2 installations, however, when I try to add a new search peer (using the admin account), I get the following error:
Encountered the following error while
trying to save: In handler
'distsearch-peer': Status 401 while
sending public key to search peer
https://idx1.xxxxx.splunkcloud.com:8089:
Unauthorized
What is the secret when adding a search peer between Splunk Cloud installations?
Another port?
Missing permissions? (I'm using the provided admin account)
Another URI?
Hope someone can help.
You'll need to open a ticket with support and ask for a hybrid search configuration. Let them know both stacks. There are some contraints, they will be able to validate for you.
You'll need to open a ticket with support and ask for a hybrid search configuration. Let them know both stacks. There are some contraints, they will be able to validate for you.