Deployment Architecture

Discussions

Thread Info

If I am using a custom index, do we need to create this index on each and every peer in an indexer cluster?

Hello, I am new to Splunk. I am trying to deploy an indexer cluster (single-site) as the diagram in the docs s...

by Path Finder in

How to merge two apps in deployment server

I am looking for some help in managing apps using the deployment server. Here is the case. I have two different apps,...

by New Member in

Can I install both cluster master and SHC(Search Head Cluster)-deployer on the same machine/server?

I have deployment server to push apps to forwarders, cluster master to push apps to indexers and SHC deployer to push...

by Influencer in

Is there a way to detect in Splunk if a server was removed or deleted?

Is there a way to detect in Splunk if a server was removed or deleted from the network?

by New Member in

Deployment Server Behind HTTPS Proxy

Instead of having a deployment-server chain, I would like to provide access for some deployment clients through a htt...

by SplunkTrust in

Indexer Cluster - Cluster peer is downloading cluster bundle relatively

User case:  Cluster Masters with 30 Cluster Peers.  Pushed the Cluster Bundle  Most of the Cluster Peer Downloa...

by Communicator in

Can I have an indexer cluster on a single logical site, but the actual search peers in different physical network locations?

Hello Splunkers, We are migrating our Splunk deployment from a single Splunk indexer to an indexer cluster archite...

by Communicator in

How to distribute Distributed Search configuration using a deployer for a Search Head Cluster?

Hi, We recently set up a SH Cluster which includes 3 members and one deployer. Basic replication seems to be worki...

by Contributor in

Is there any practical/inexpensive way to do long time data storage in Splunk Cloud?

Hi, I've looked around in the documentation for how to set an archiving policy in Splunk Cloud, but I haven't foun...

by Builder in

Unable to bootstrap search head cluster captain

Environment: Windows Server 2012 Splunk Ent 6.3 3 Search Heads (all brand new instances) 1 Instan...

by Path Finder in

[SHC] Troubleshooting Configurations under Search Head Clustering

It will be nice to have high level documentation on Troubleshooting Configurations under Search Head Clustering

by Splunk Employee in

Can I run two Splunk instances on one physical server with one instance in a Search Head Cluster and the other in an Indexer Cluster?

I am developing a Disaster Recover solution for my Splunk environment and only have four physical servers (all 32 CPU...

by Explorer in

Why does my Search Head Cluster Captain start delegating scheduled jobs more to one cluster node over time, and how do I prevent this?

EDIT: This is still an issue in Splunk 6.4 I'm noticing that over time, my SHC captain starts favoring one cluster...

by Motivator in

Deployment Architecture

Discussions

If I am using a custom index, do we need to create this index on each and every peer in an indexer cluster?

How to merge two apps in deployment server

Can I install both cluster master and SHC(Search Head Cluster)-deployer on the same machine/server?

Is there a way to detect in Splunk if a server was removed or deleted?

Deployment Server Behind HTTPS Proxy

Indexer Cluster - Cluster peer is downloading cluster bundle relatively

Can I have an indexer cluster on a single logical site, but the actual search peers in different physical network locations?

How to distribute Distributed Search configuration using a deployer for a Search Head Cluster?

Is there any practical/inexpensive way to do long time data storage in Splunk Cloud?

Unable to bootstrap search head cluster captain

[SHC] Troubleshooting Configurations under Search Head Clustering

Can I run two Splunk instances on one physical server with one instance in a Search Head Cluster and the other in an Indexer Cluster?

Why does my Search Head Cluster Captain start delegating scheduled jobs more to one cluster node over time, and how do I prevent this?

multiple deployment servers - checksum mismatch among instances of apps

index delays with universal forwarder's parsing and tcpout queue full

Is this the correct way to use appOrder in user-prefs.conf on a search head cluster?

No logs from 2 SHC search heads

How do we clear out some indexed data in our indexer cluster?

Is it possible to replicate the KV store between search heads that are neither pooled nor clustered?

Redhat 7.2 redirect port 443 to port 8000

AWS Smartstore Architecture - i3

Fixup Tasks - Pending - streaming failure, failing...

Splunk search on SH return: Unknown error for inde...

Why am I getting "Signature mismatch between licen...

Is there a way to catch error from the Splunk cmd ...