sorry I posted this twice somehow it didn't update

I have a certain doubt.

"you can export all the views,searches etc from different app contexts from your existing search to be on safe side"

If I setup search head clustering later on. How do the dashboards, artifacts etc. Propagate from one site to the other? Should I back them up first ? Is this what you mean by exporting them to be safe?

I have a question here. If all the search heads are same, do we still need to setup deployer before initializing SHC member?

Yes. Deployer has to be defined in the configurations.

Thanks for your reply.

However, I check the document: http://docs.splunk.com/Documentation/Splunk/6.5.0/DistSearch/SHCdeploymentoverview

It says:
"It is recommended that you select the deployer now, as part of cluster set-up, because you need a deployer in place before you can distribute apps and updated configurations to the cluster members."
Does it mean that if we dont need to distribute apps and update configuration, there is no need to setup the deployer?

Another one:
"The -conf_deploy_fetch_url parameter specifies the URL and management port for the deployer instance. This parameter is optional during initialization, but you do need to set it before you can use the deployer functionality. See "Use the deployer to distribute apps and configuration updates." "

I just setup a SH cluster with 3 nodes and without deployer, but when I run the command "show shcluster-status", the member list just shows the captian, no other member. This is same when running the command on each search head.

[root@deploy-searchhead01 ~]# /opt/splunk/bin/splunk bootstrap shcluster-captain -servers_list "https://deploy-searchhead01.bigdata.emc.local:8089,https://deploy-searchhead02.bigdata.emc.local:808..." -auth admin:changeme
Successfully bootstrapped this node as the captain with the given servers.
[root@deploy-searchhead01 ~]# /opt/splunk/bin/splunk show shcluster-status -auth admin:changeme

Captain:
dynamic_captain : 1
elected_captain : Fri Oct 21 12:20:43 2016
id : 6F21DCB3-0E06-4AA0-8E1C-7FE2D2712588
initialized_flag : 0
label : deploy-searchhead01.bigdata.emc.local
mgmt_uri : https://deploy-searchhead01.bigdata.emc.local:8089
min_peers_joined_flag : 0
rolling_restart_flag : 0
service_ready_flag : 0

Members:
deploy-searchhead01.bigdata.emc.local
label : deploy-searchhead01.bigdata.emc.local
mgmt_uri : https://deploy-searchhead01.bigdata.emc.local:8089
mgmt_uri_alias : https://172.16.1.72:8089

status : Up

Thank you very much if you can help on it.

issue fixed. Check the log for reason: splunk/var/log/splunk/splunkd.log

Thanks for your response.SO, Can both a Standalone Search Head and a Search Head Cluster co-exist in the same environment?

Thanks

Didn't understand your question. Are you talking about having two separate instances?If yes, you can have 100s of instances as long as the SHC member is not part of another distributed search (Which is not possible by the way)

I was thinking about having a standalone search head and a cluster at the same time. I am planning to migrate to Search Head Cluster and I want to maintain a Backup Search Head (standalone) until I verify that the cluster is working fine.

Absolutely! That is quite possible

Thankyou..

Yes standalone and SH cluster can co exist. But the knowledge objects,users and roles will be limited to SHC or standalone depending where they exist. You cannot use the knowledge objects created on Standalone in SHC and vice versa.

Thanks.....