Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is it best practice to migrate eventtypes to the Search app with or without the search head cluster deployer?

pattokt
Explorer
‎12-07-2015 09:14 AM

Is it best practice to copy the /search/local directory to the new search head cluster members and not use the deployer? I used a deployer to set up LDAP, but per documentation, it says not to do the same for the search application.

Per Documentation:

The types of updates that the deployer handles
These are the specific types of updates that require the deployer:

  • New or upgraded apps.
  • Configuration files that you edit directly.
  • All non-search-related updates, even those that can be configured through the CLI or Splunk Web, such as updates to indexes.conf or inputs.conf.
  • Settings that need to be migrated from a search head pool or a standalone search head. These can be app or user settings.
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

lguinn2
Legend
‎12-07-2015 11:35 AM

Do not use the Deployer to update the apps that come with Splunk: search, launcher, etc. Here is an answer that should help, along with a link to the documentation

Migrate from a standalone searchheads

Migrating separate environments to SHC

I guess that you could do this manually, without the deployer, but it would be hard and error-prone. IMO, the method described in the doc/answer will work better.

View solution in original post

Reply
Solved! Jump to solution
Solution

lguinn2
Legend
‎12-07-2015 11:35 AM

Do not use the Deployer to update the apps that come with Splunk: search, launcher, etc. Here is an answer that should help, along with a link to the documentation

Migrate from a standalone searchheads

Migrating separate environments to SHC

I guess that you could do this manually, without the deployer, but it would be hard and error-prone. IMO, the method described in the doc/answer will work better.

Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...