What do the status flags mean in a Search Head Clu...

mciudad · ‎09-23-2016

When showing the Search Head Cluster status, we get something similar to this:

./splunk show shcluster-status

 Captain:
                  dynamic_captain : 0
                  elected_captain : Fri Sep 23 09:00:37 2016
                               id : B997E10B-0E99-4363-9887-66DE2BF8C379
                 initialized_flag : 1
                            label : shcaptain.cdn
                         mgmt_uri : https://10.17.240.141:8089
            min_peers_joined_flag : 1
             rolling_restart_flag : 0
               service_ready_flag : 1

But I'm having trouble finding documentation on that output.
- What's the difference between "initialized_flag" and "service_ready_flag"?
- What are the conditions for these flags to be 0 or 1?
- How many peers have to join for the "min_peers_joined_flag" to be 1? By "peers" it mean Splunk Indexers or members of the Search Head Cluster?

Thanks!

JamieTaschetti · ‎10-25-2017

That didnt answer the question of the init flag vs service flag

sowings · ‎03-08-2017

min_peers_joined_flag is true when there are at least as many search head peers as the replication_factor.

service_ready_flag is true when everything is up and running as expected "ready to go!"

dynamic_captain is true if the captain is selected by elections. If it's shown as 0, this is because you've assigned a static captain (no elections).

rolling_restart_flag is true when a rolling restart (either manual, or required by a "apply shcluster-bundle" from the deployer).

What do the status flags mean in a Search Head Cluster?

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes

Welcome to the Splunk Community!