Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the best naming convention for serverclasses?

yaye
Explorer
‎10-21-2022 12:25 PM

Hello,

I'm currently trying to update our Splunk environment, but one problem I'm having is getting our server classes named correctly to make them future-proof and easy to use.

Currently my server class naming convention looks something like this:

<name> (general serverclass)

<name>_<location>(location based)

<name>_<machine type> (machine type based)

<name>_<machine type>_<location> (location and machine type based)


Example:
clients

clients_munich

clients_berlin

clients_linux

clients_linux_munich

clients_linux_berlin

clients_windows

clients_windows_munich

clients_windows_berlin

 

I would also use this convention for all other "groups" that need server classes.

Server, Services, Appliances, Network, ...

If you need examples for them just ask me 😄

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-22-2022 02:22 AM

Hi @yaye,

as @ITWhisperer hinted, the first thing id define (on paper) what each serverclass has to do.

In other words if the clients of Munich and paris must have the same apps you don't need to have two serverclasses.

So at first identify what each serverclass have to do in terms of apps to deploy, avoiding unuseful serverclasses that deploy exactly the same apps.

You could do this also defining a logic to use, and you can follow two approaches:

  • a serverclass for each omogeneous group of targets, in this way each target is in only one serverclass,
  • create different serverclasses for different scopes.

I prefer the second one:

for example, I create a serverclass to deploy the TA_Forwarders that contains outputs.conf and deploymentserver.conf and I created one serverclass for each group of targets that points to the same destination, on other words, one for the targets that point to one heavy Forwarder in a closed subnet, another for the targets that directly points to indexers and so on.

Then I created a serverclass for targets that need one or more special apps (e.g. syslog inputs or SAP, etc...)

In this way I can reduce the serverclasses and each target can be in more than one serverclasses.

Choose the logic you like!

then you can define a naming convention related to the logic you choosed: geografic, applications, ect...

Ciao.

Giuseppe

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

gcusello
SplunkTrust
SplunkTrust
‎10-22-2022 02:22 AM

Hi @yaye,

as @ITWhisperer hinted, the first thing id define (on paper) what each serverclass has to do.

In other words if the clients of Munich and paris must have the same apps you don't need to have two serverclasses.

So at first identify what each serverclass have to do in terms of apps to deploy, avoiding unuseful serverclasses that deploy exactly the same apps.

You could do this also defining a logic to use, and you can follow two approaches:

  • a serverclass for each omogeneous group of targets, in this way each target is in only one serverclass,
  • create different serverclasses for different scopes.

I prefer the second one:

for example, I create a serverclass to deploy the TA_Forwarders that contains outputs.conf and deploymentserver.conf and I created one serverclass for each group of targets that points to the same destination, on other words, one for the targets that point to one heavy Forwarder in a closed subnet, another for the targets that directly points to indexers and so on.

Then I created a serverclass for targets that need one or more special apps (e.g. syslog inputs or SAP, etc...)

In this way I can reduce the serverclasses and each target can be in more than one serverclasses.

Choose the logic you like!

then you can define a naming convention related to the logic you choosed: geografic, applications, ect...

Ciao.

Giuseppe

0 Karma
Reply
Solved! Jump to solution

gcusello
SplunkTrust
SplunkTrust
‎06-07-2023 11:11 PM

Hi @yaye ,

good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated by all the contributors 😉

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎10-22-2022 12:19 AM

How are you expecting to use the serverclass? How are you expecting it to change? What is important to you about the serverclass?

Whatever you choose, the important thing is probably picking one convention and sticking to it!

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 2)

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Index This | I am a number but I am countless. What am I?

January 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  Happy New Year! We’re ...

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

PLATFORM TECH TALKS What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience Thursday, February 27, ...