Deployment Architecture

Is it possible to use defaultGroup setting in a server.conf file?

New Member

Hi
I want to understand is it possible to use 'defaultGroup' setting in the server.conf file.
I can see in the documentation that defaultGroup is used in outputs.conf file but I've seen some configuration file where defaultGroup is used in server.conf file.
Can someone explain?

0 Karma

Motivator

defaultGroup is only valid in outputs.conf, and is used to declare a group of indexers/search peers.
This can be either on forwarders, or cluster members (HF for internal logs).
It is not set/used in server.conf.

https://docs.splunk.com/Documentation/Splunk/latest/Admin/Outputsconf

[tcpout]
defaultGroup = <target_group>, <target_group>, ...
* A comma-separated list of one or more target group names, specified later
  in [tcpout:<target_group>] stanzas.
* The forwarder sends all data to the specified groups.
* If you don't want to forward data automatically, don't set this setting.
* Can be overridden by an inputs.conf '_TCP_ROUTING' setting, which in turn
  can be overridden by a props.conf or transforms.conf modifier.
* Starting with version 4.2, this setting is no longer required.
0 Karma

SplunkTrust
SplunkTrust

Can you please explain, what you want to achieve?

0 Karma

New Member

Just asking if it is possible to use defaultGroup setting in the server.conf file?
I have server.conf file with this setting:

[default]
defaultGroup = splunkssl

Is this fine? Because in this document - https://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf
defaultGroup setting is not present in server.conf file

0 Karma

SplunkTrust
SplunkTrust

No, there are no such parameter in server.conf

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!