Solved: What specs are needed for a deployment server to m...

thomas_forbes · ‎01-21-2016

Hello,

I am assembling a multisite clustered Splunk implementation. I am having a little trouble finding what sufficient specs are needed for a deployment server that will manage between 1500 - 2000 clients between 3 sites. Please advise on the CPU, memory, and storage.

Thank you,
Tom Forbes

javiergn · ‎01-21-2016

Hi,

I did struggle to find any recommended specs so I'll tell you what I did:

1700 clients
2 sites
Splunk 6.2
VM with 4 cores, 4GB RAM, operating system + 50GB free, 1 Gbps network
Operating system: Windows 2K12 initially but moved to Red Hat after noticing deployment to Linux clients wasn't working

Another piece of advise. We are keeping all our deployment configs in SVN.

Hope that helps.

View solution in original post

javiergn · ‎01-21-2016

Hi,

I did struggle to find any recommended specs so I'll tell you what I did:

1700 clients
2 sites
Splunk 6.2
VM with 4 cores, 4GB RAM, operating system + 50GB free, 1 Gbps network
Operating system: Windows 2K12 initially but moved to Red Hat after noticing deployment to Linux clients wasn't working

Another piece of advise. We are keeping all our deployment configs in SVN.

Hope that helps.

thomas_forbes · ‎01-21-2016

Also, please advise on any additional information you think as relevant as it pertains to this question.

What specs are needed for a deployment server to manage 1500 - 2000 forwarders in a multisite indexer clustering environment?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases