Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What does status=delegated_remote OR status=delegated_remote_completion mean in the scheduler log?

ben_leung
Builder
‎02-18-2015 01:43 PM

If looking at scheduler log from a single search head in the search head cluster, what does status=delegated_remote OR status=delegated_remote_completion mean? Does it mean that the search that was running to the current search head move to another search peer to run and complete?

Reply

jcrabb_splunk
Splunk Employee
Splunk Employee
‎04-16-2015 11:03 AM

This is logged on the captain in scheduler.log when a remote job is delegated to a member and when a remote delegated job is completed on a member.

Jacob
Sr. Technical Support Engineer
Reply

BP9906
Builder
‎04-16-2015 07:28 PM

How do you determine the peer the search was sent to?
I have a 2 peer SH cluster and the captain says status=delegated_remote and we received no alert. Not to mention that the other peer (not captain) is configured to be adhoc searching only. So why did the captain delegate it?

0 Karma
Reply

sowings
Splunk Employee
Splunk Employee
‎06-27-2018 01:11 PM

member_label / member_guid / member_uri from the same message. I've seen the captain report that it delegated a search to itself.

0 Karma
Reply

awilliams_splun
Splunk Employee
Splunk Employee
‎02-13-2017 06:59 AM

How do you have a two peer SHC? At least 3 Search heads are required.

0 Karma
Reply

ben_leung
Builder
‎02-18-2015 04:06 PM

I have not yet seen the scheduler skip a search yet... Wondering how the log looks like when it does skip... Anyone experience this in SHC yet?

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...