Deployment Architecture

Discussions

Thread Info

Is the hybrid search head limited to 90 days

Hi, I recently completed the Splunk Cloud Admin course and it made mention that a Hybrid Search Head could be set u...

by Explorer in

Precedence of log retention configuration

Hi Team,Our Splunk License is going to get expired and we are working to get a new license .Our current environment i...

by Observer in

Change deployment server IP on clients

Hi, I have bunch clients pointing to deployment server A, I need to make those clients to connect to deployment se...

by Explorer in

bundle files

What are *.bundle files for? which are located in the /opt/splunk/var/run directory. what data do they store in th...

by Engager in

How do I move 5 indexers (cluster 2) to our larger Index cluster (cluster 1)?

We have two index clusters, one has 5 indexers (cluster 2) and the other had 100+ indexers (cluster 1). We want t...

by New Member in

search head cluster out of space hard disk

I ran out of space in my HSC node. What is the best way to solve this problem? Should I move some of my data to anoth...

by Engager in

Upgrade plan and path From 7.2 to 8.0

I have two queries Here - 1. I am planning to upgrade my Environment to 8.0, I am not 100% sure about my upgrade p...

by Explorer in

Automatic Detention

Ended of hard disk space in SHC-01. is it possible to send a piece of data to SHC-02 to free up space in SHC-01

by Engager in

How to Setup Build jobs in Jenkins.

According to this ultimate Jenkin certification course following steps will assist you with building jobs in Jenkins:...

by New Member in

Slow/Unresponsive Deployment Server. Deployment Clients timing out.

There are 503 errors and DC can't connect messages in splunkd.log on deployment client.

by Splunk Employee in

splunk indexer: status: "pending", fully searchable: "no". How to fix?

After updating a bucket replication policy and doing a rolling restart of cluster indexers, one of the indexers seems...

by Contributor in

Data lost - splunk reload deploy-server

I noticed that when pushing configuration changed from the deployment-servers to addition compoents (U-forwarders, H-...

by Path Finder in

Deployment apps not reloading

Here are the contents of the /opt/splunk/etc/deployment-apps: [splunk@splunk deployment-apps]$ ls README Splunk...

by Path Finder in

How to monitor search head cluster from a monitoring console?

Hi, I have a clustered environment where I have 1 indexer master/license master, 1 search head deployer, 3 search hea...

by Explorer in

How to configure Data Model Acceleration when there are multiple search heads

TL;DR: In a site with multiple search heads; do I need to configure Data Model Acceleration on each and every search ...

by Explorer in

Deploy App to SearchHeads so they are Available in role creation

I have 3 search heads, 1 search head deployer. I need to create "a new app" for which I will create a role that wi...

by Explorer in

Splunk Error on Start When Configuring to Use CORS

Hi, we have an API that we are starting to send data to HEC. When I place [httpServer] crossOriginSh...

by Communicator in

Splunk server certificates are expired

Hi , I am new to Splunk administation and getting KV store errors. After checking mongod.log, found that the SSL an...

by Engager in

Splunk App for Infrastructure deploy through deployment server

Hello, we are trying out the Splunk App for Infrastructure. With the easy install script for windows, we get the da...

by Path Finder in

When KV Store got restarted

Hi, We have a search head cluster of 8 members in which KV store is failing frequently. We used to start services m...

by Engager in

Deployment Architecture

Discussions

Is the hybrid search head limited to 90 days

Precedence of log retention configuration

Change deployment server IP on clients

bundle files

How do I move 5 indexers (cluster 2) to our larger Index cluster (cluster 1)?

search head cluster out of space hard disk

Upgrade plan and path From 7.2 to 8.0

Automatic Detention

How to Setup Build jobs in Jenkins.

Slow/Unresponsive Deployment Server. Deployment Clients timing out.

splunk indexer: status: "pending", fully searchable: "no". How to fix?

Data lost - splunk reload deploy-server

Deployment apps not reloading

How to monitor search head cluster from a monitoring console?

How to configure Data Model Acceleration when there are multiple search heads

Deploy App to SearchHeads so they are Available in role creation

Splunk Error on Start When Configuring to Use CORS

Splunk server certificates are expired

Splunk App for Infrastructure deploy through deployment server

When KV Store got restarted

Precedence of log retention configuration

bundle files

How do I move 5 indexers (cluster 2) to our larger...

How to Setup Build jobs in Jenkins.

rebuild operation for multiple thawed buckets