Deployment Architecture

Start a Conversation

Discussions

Start a Conversation

Thread Info

indexed the data only once

Hi, is it possible to indexed the event only once. Thank you in advance.

by Contributor in

integrate standalone server into index cluster for search only

Hello All, We currently have a single standalone deployment (index and search head on single system). In addition,...

by Engager in

Which forwarder version sloves the timestamp recognition of dates with two-digit years fails beginning January 1, 2020?

We wonder which forwarder version solves this issue? We deployed the all_date_patch_props application to all the ...

by Motivator in

Turn-off Muster Node/License Master/Deployer Machine

Hello everyone, i'm actually dealing with an infrastructure composed by three search heads, two indexer and a sing...

by New Member in

how to assign data to an index?

I have data from different sources already forwarded to a forwarders. Indexes already created on a deployment-master ...

by Contributor in

HF and deployment server

Dear All, We are adding one HF more HF to our system and planning to build Deployment server as well. So we have 3...

by New Member in

How to forward logs from syslog server to splunk so that it is recognizable via their sourcetype?

eg. I have many logs forwarded to the syslog server. I intend to install a universal forwarder on that syslog serv...

by New Member in

Any Risk if increased/decreased index data size

Hi, I have created one index of size 500GB(maxTotalDataSizeMb) and also included frozen path where data will get stor...

by Builder in

How to Utilize all core on heavy forwarder on windows os

I have one Heavy forwarder where zip files are ingested and parsed and hardware specification of HF is 64 GB Ram and ...

by Builder in

Best practice for Shutting entire Splunk Distributed Environmen.

Got Cluster Master, Indexers, Deployment Server, Heavy Forwarder, Deployment Server, Search Heads, Universal Forwarde...

by Communicator in

Splunk not restart

Hi experts, I try to restart our splunk server, but its not start. Earlier I try to start from UI, but it not start. ...

by Path Finder in

Install java in search heads in kubernetes

I am trying to install java on my splunk search head in kubernetes. As indicated in previous forums, I tried adding t...

by New Member in

What are some cool things you've implemented in your Splunk environment?

This is information I'm always curious to know about other people's environments/setups. Is there anything you're...

by Builder in

Identify Splunk instance role

Hi, I need to find a way to identify if a Splunk instance is a an HF/UF/Indexer?Deployer/Deployment Server etc. in...

by Contributor in

How much time is required to deploy Splunk solution for IIoT?

Good day! Could you say, please, how many hours/days are approximatelly required to deploy Splunk solution for IIot (...

by New Member in

Indexer Splunkd services are not able to run

Please any one help on this In indexer cluster environment one of the Indexer got stopped unable to start/restart...

by Path Finder in

Index=perfmon deleted but still data is coming in

We get performance monitor data from windows_ta and windows_ta_dns ..We no longer need the data and dont care about o...

by Builder in

Which Deployer Push Mode

which deployer push mode is best or rather, what are the benefits of not going with the default 'merge_to_default'? j...

by Communicator in

Splunk forwarder on Linux RHEL 7

Team, Does the splunk forwarder 6.4.4 supports on Linux RHEL 7 server?

by New Member in

Why is collectd service is not sending data to splunk on Ubuntu 16?

collectd service is not sending data to splunk on Ubuntu 16. Jan 28 08:07:10 cga2ubctd systemd[1]: Starting Statis...

by New Member in

Deployment Architecture

Discussions

indexed the data only once

integrate standalone server into index cluster for search only

Which forwarder version sloves the timestamp recognition of dates with two-digit years fails beginning January 1, 2020?

Turn-off Muster Node/License Master/Deployer Machine

how to assign data to an index?

HF and deployment server

How to forward logs from syslog server to splunk so that it is recognizable via their sourcetype?

Any Risk if increased/decreased index data size

How to Utilize all core on heavy forwarder on windows os

Best practice for Shutting entire Splunk Distributed Environmen.

Splunk not restart

Install java in search heads in kubernetes

What are some cool things you've implemented in your Splunk environment?

Identify Splunk instance role

How much time is required to deploy Splunk solution for IIoT?

Indexer Splunkd services are not able to run

Index=perfmon deleted but still data is coming in

Which Deployer Push Mode

Splunk forwarder on Linux RHEL 7

Why is collectd service is not sending data to splunk on Ubuntu 16?

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

Unable to perform any operation : Previously sched...

Cluster Upgrade 8.0 > 8.2: KVStore Migration to Wi...

About update Splunkbase App with the Latest Add-On...

UF to Intermediate UF to Splunk Cloud SSL Connecti...

I see this error in my search head Low Level HTTP...

Deployment Architecture

Discussions

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >