Deployment Architecture

Discussions

Thread Info

Unable to see all indexers by default.

I've recently started a new job, of which one of my duties is to take over managing splunk from the previous administ...

by Engager in

Rawdata contains non-compressed file

Due to migration from a stand-alone indexer (on Windows) to three-node indexer cluster (CentOS), we are doing a test ...

by Communicator in

splunk show cluster-status --verbose only shows 'main' index

We have an indexer cluster with several custom indexes configured in the indexes.conf, however when we run splu...

by Explorer in

Is it better to have higher CPU for a search head or Indexer?

Hi I have just received 3 new machines for a Splunk cluster. The new machines are faster than my previous hardwar...

by Motivator in

Not able to create new index in standalone instance of Splunk indexer

Hi All, I've created new app with all the indexes required and have added all the stanzas for parameters.Restarted th...

by Explorer in

[smartstore] splunk smartstore and Data integrity

This question has come up a few times, how does Splunk handle data integrity in large ES implementation. On Splunk do...

by Motivator in

Best way to update mgmt_uri of a shcluster member

Hello all, I have a search head cluster where everything is working well. We have one member of the cluster where t...

by Observer in

How do you add a new Search Head to Splunk Monitoring Console?

Hi at all, I have a distributed environment with a Search Head Cluster, some indexers. Deployment Server and I can...

by Legend in

Events.conf & Tags.conf Configuration

Can someone please explain the importance of Events.conf & Tags.conf Configuration in Splunk also we use SVN torto...

by Observer in

SmartStore cache manager not enforcing limit enforced by

Cluster indexer across the site is configured with Smartstore. Each indexer has 6TB partition that is utilized by $SP...

by Motivator in

Architecting for Splunk Total Beginner

I am completely new to Splunk. I understand the basics but am lost on where to start with the designing for and suppo...

by Engager in

Query on Heavy forwarder with SSL connecting to indexer with SSL. So should all the UF agent connections also have SSL

Hello All, I have a UFs in cloud DCs. Proposed solution is to have SSL between the Indexer and the Heavy forward...

by New Member in

Ingest Netflow Data using Windows, Linux, Cisco Netflow

I would like some advice on what is the best way to implement the following solution. I would like to get netflow d...

by Observer in

re-mapping cold path variable with smartstore

We migrated almost all of our existing indexes from traditional indexes with separate warm and cold mount paths to sm...

by Motivator in

Certificate Template for a Server Cert

Hello, I have a Windows CA Server to sign my own requests. For the Web Certificate I have used the "Web Server" t...

by Engager in

Splunk Cluster: Index not Replicating

Hello, I have been trying to configure a little lab enviroment to test the replication functionality of Splunk 5 (...

by Explorer in

Distributed search and scripted lookups

In a distributed search environment, do the python files for scripted lookups have to be placed manually on the index...

by New Member in

What is SRM.exe?

Does anyone know what c:\program files\splunkuniversalforwarder\bin\srm.exe is? Our AV has flagged the file as susp...

by Path Finder in

what will happen if i reboot the cluster peer after running the maintenance mode on master and offline command on peer.

what will happen if i reboot the cluster peer after running the maintenance mode on master and offline command on pee...

by New Member in

Are my storage calculations correct?

Given the following indexes.conf configurations are my calculations and thoughts correct? [default]# set TSIDX sett...

by Path Finder in

Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Deployment Architecture

Discussions

Unable to see all indexers by default.

Rawdata contains non-compressed file

splunk show cluster-status --verbose only shows 'main' index

Is it better to have higher CPU for a search head or Indexer?

Not able to create new index in standalone instance of Splunk indexer

[smartstore] splunk smartstore and Data integrity

Best way to update mgmt_uri of a shcluster member

How do you add a new Search Head to Splunk Monitoring Console?

Events.conf & Tags.conf Configuration

SmartStore cache manager not enforcing limit enforced by

Architecting for Splunk Total Beginner

Query on Heavy forwarder with SSL connecting to indexer with SSL. So should all the UF agent connections also have SSL

Ingest Netflow Data using Windows, Linux, Cisco Netflow

re-mapping cold path variable with smartstore

Certificate Template for a Server Cert

Splunk Cluster: Index not Replicating

Distributed search and scripted lookups

What is SRM.exe?

what will happen if i reboot the cluster peer after running the maintenance mode on master and offline command on peer.

Are my storage calculations correct?

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Share your experience in our
Career Survey Now!

Events.conf & Tags.conf Configuration

Ingest Netflow Data using Windows, Linux, Cisco Ne...

Certificate Template for a Server Cert

what will happen if i reboot the cluster peer afte...

Are my storage calculations correct?