Deployment Architecture

Community Activity

Changing peer IP address ? Hello,I've got a cluster with 2 peers, 1 seach head and 1 CM. All of them with a single network.Due to network change... by fde Explorer in Deployment Architecture 05-13-2024 0 5	0	5
Deployment Clients not showing in Monitoring Console? Our Splunk instance is currently setup as a deployment server.All our clients have the Universal Forwarder installed ... by testingtena Loves-to-Learn Everything in Deployment Architecture 05-10-2024 0 3	0	3
Lost events on HF HEC Hello Team,Deployment with:- HF with ACK when sending to Indexer- HEC on HF with ACK- application sending events via ... by MichalG1 Path Finder in Deployment Architecture 05-08-2024 0 3	0	3
Error in 'litsearch' command: Your Splunk license expired or you have exceeded your license limit too many times. Probably the wrong board, choices were limited.In our dev environment we have a 3 node sh cluster, a 3 node idx clust... by richkappler Path Finder in Deployment Architecture 05-06-2024 0 1	0	1
Forwarder version 6.6.3 compatibilty with Indexer version 9.2 Hello,I need to upgrade the Splunk indexer version to version 9.2But, we have a few instances which have Splunk forwa... by SahilGupta942 Loves-to-Learn in Deployment Architecture 05-03-2024 0 1	0	1
Splunk package error Whenever I package the splunk app, I get execute permission error because I have 744 permission for conf files but sp... by automagication Engager in Deployment Architecture 05-02-2024 0 6	0	6
multi-site we plan to have a multi-site clustering setup in HQ and DR so the question is can i configure the indexers located at... by hazem Path Finder in Deployment Architecture 04-30-2024 0 9	0	9
cpu usages hi guys i want ask some of the value in "main" Tables, actually i'm tried to figure out for a some CPU Memory form a ... by 4mouse Engager in Deployment Architecture 04-28-2024 0 3	0	3
range() function I want to search for an Account_Name that has the maximum number of login attempts within a span of 10 minutes with r... by m_nouman New Member in Deployment Architecture 04-26-2024 0 3	0	3
App/Add-on I have an architecture with a single SH and two indexers. I've installed the Splunk for Microsoft 365 add-on on the s... by BRFZ Communicator in Deployment Architecture 04-26-2024 0 7	0	7
whitelisted to receive configuration from Splunk Deployment Server How to check if the host has been correctly whitelisted to receive configuration from Splunk Deployment Server? by SampathkumarK Loves-to-Learn in Deployment Architecture 04-25-2024 0 4	0	4
How to delete app from splunk search head? I tried to remove the threatq application files from /etc/apps inside the search head but every time I remove them,... by aasserhifni Loves-to-Learn Everything in Deployment Architecture 04-23-2024 0 27	0	27
Deployment Server and HeavyForwarder app local folder Hello,if we have on DS "app/local" with conf files, is that possible restarting it that it pushes DS "app/local" to H... by splunkreal Motivator in Deployment Architecture 04-22-2024 0 2	0	2
Index rolling off data before retention age Hello guys.... I have this task to investigate why indexes roll of data before retention age. From my findings, it sh... by Marko Explorer in Deployment Architecture 04-19-2024 0 8	0	8
Having errors as a beginner Greetings, I have just started using splunk and I was trying to montior logs from my files section, And I am getting ... by ryuga_075 Observer in Deployment Architecture 04-19-2024 0 5	0	5
About maintaining indexes.conf In an indexed cluster environment, I set the following stanza configuration in the deployment server's serverclass.co... by masakazu Explorer in Deployment Architecture 04-17-2024 0 3	0	3
Why am I only seeing results from one search-peer? I'm trying to confirm that replication and searching can happen on one NIC while ingesting happens over a different N... by duke_splunk_adm Engager in Deployment Architecture 04-17-2024 0 21	0	21
My jobs and loadjobs not showing to my organization? So, I am running a job and I can see all my jobs and all the users jobs. However, the other users/power users cannot ... by sumarri Path Finder in Deployment Architecture 04-17-2024 0 1	0	1
unable to add new INDEXER to the Search Head in distributed peer I am unable to add new INDEXER to SH by TIAA Engager in Deployment Architecture 04-17-2024 0 2	0	2
"DMC Alert - Search Peer Not Responding" not working as expected I am working on "DMC Alert - Search Peer Not Responding" on master node. The query that it uses is as follows - \| r... by malhar_desai Engager in Deployment Architecture 04-15-2024 4 4	4	4
HA with just 2 indexers? Can this be done or is the official Splunk guidance to utilize an index cluster?Curious if there's any current (poten... by nonexpert New Member in Deployment Architecture 04-13-2024 0 2	0	2
index keeps rolling of data due to size index keeps rolling of data due to size even after size has been increased. Is there another way to resolve this issu... by Markfill Observer in Deployment Architecture 04-12-2024 0 7	0	7
Migration of deployment server to on-premise Hello team,We need to migrate deployment server from azure cloud to on-premise with new IP and Hostname.Please sugges... by Ashu_Splunk Loves-to-Learn in Deployment Architecture 04-12-2024 0 1	0	1
How can we ingest MDI logs to Splunk? How can we ingest MDI logs to Splunk? by RishavAnand New Member in Deployment Architecture 04-05-2024 0 6	0	6
Splunk Operator deployment in openshift cluster failing Hello, I am trying to install splunk operator using the operator Hub in OpenShift cluster through webconsole but it i... by spat New Member in Deployment Architecture 04-04-2024 0 0	0	0