Deployment Architecture

Community Activity

How to delete app from splunk search head? I tried to remove the threatq application files from /etc/apps inside the search head but every time I remove them,... by aasserhifni Loves-to-Learn Everything in Deployment Architecture 04-23-2024 0 27	0	27
Deployment Server and HeavyForwarder app local folder Hello,if we have on DS "app/local" with conf files, is that possible restarting it that it pushes DS "app/local" to H... by splunkreal Influencer in Deployment Architecture 04-22-2024 0 2	0	2
Index rolling off data before retention age Hello guys.... I have this task to investigate why indexes roll of data before retention age. From my findings, it sh... by Marko Explorer in Deployment Architecture 04-19-2024 0 8	0	8
Having errors as a beginner Greetings, I have just started using splunk and I was trying to montior logs from my files section, And I am getting ... by ryuga_075 Observer in Deployment Architecture 04-19-2024 0 5	0	5
About maintaining indexes.conf In an indexed cluster environment, I set the following stanza configuration in the deployment server's serverclass.co... by masakazu Explorer in Deployment Architecture 04-17-2024 0 3	0	3
Why am I only seeing results from one search-peer? I'm trying to confirm that replication and searching can happen on one NIC while ingesting happens over a different N... by duke_splunk_adm Engager in Deployment Architecture 04-17-2024 0 21	0	21
My jobs and loadjobs not showing to my organization? So, I am running a job and I can see all my jobs and all the users jobs. However, the other users/power users cannot ... by sumarri Path Finder in Deployment Architecture 04-17-2024 0 1	0	1
unable to add new INDEXER to the Search Head in distributed peer I am unable to add new INDEXER to SH by TIAA Engager in Deployment Architecture 04-17-2024 0 2	0	2
"DMC Alert - Search Peer Not Responding" not working as expected I am working on "DMC Alert - Search Peer Not Responding" on master node. The query that it uses is as follows - \| r... by malhar_desai Engager in Deployment Architecture 04-15-2024 4 4	4	4
HA with just 2 indexers? Can this be done or is the official Splunk guidance to utilize an index cluster?Curious if there's any current (poten... by nonexpert New Member in Deployment Architecture 04-13-2024 0 2	0	2
index keeps rolling of data due to size index keeps rolling of data due to size even after size has been increased. Is there another way to resolve this issu... by Markfill Observer in Deployment Architecture 04-12-2024 0 7	0	7
Migration of deployment server to on-premise Hello team,We need to migrate deployment server from azure cloud to on-premise with new IP and Hostname.Please sugges... by Ashu_Splunk Loves-to-Learn in Deployment Architecture 04-12-2024 0 1	0	1
How can we ingest MDI logs to Splunk? How can we ingest MDI logs to Splunk? by RishavAnand New Member in Deployment Architecture 04-05-2024 0 6	0	6
Splunk Operator deployment in openshift cluster failing Hello, I am trying to install splunk operator using the operator Hub in OpenShift cluster through webconsole but it i... by spat New Member in Deployment Architecture 04-04-2024 0 0	0	0
Why is docker latest not on the most recent version (March 2024 edition) After attending a Splunk 9.2 webinar yesterday (3/28/24), I pulled a fresh docker container down using the "latest" ... by edlarsen Observer in Deployment Architecture 04-02-2024 0 1	0	1
Forward data to indexer cluster Hi,I am working in a distributed Splunk environment with one search head and an indexer cluster.I am trying to monito... by RanjithaN99 Explorer in Deployment Architecture 04-02-2024 0 1	0	1
Using Dynamic Dropdown values in link to dashboard option of dashboard studio I have a dashboard named dashboard1 created using splunk dashboard studio. It has dropdown as below : Based on the se... by Poojitha Communicator in Deployment Architecture 04-01-2024 0 0	0	0
Q1 Explain Splunk Enterprise Event Collector, Processor and Console architecture. by mariamms New Member in Deployment Architecture 03-31-2024 0 2	0	2
How to get data into Splunk without a universal forwarder I have an on-prem splunk enterprise installation, consisting exclusively of Universal forwarders and a single Indexer... by rob_gibson Path Finder in Deployment Architecture 03-27-2024 0 4	0	4
[SmartStore]Can you provide me with some clarification on remote.s3.supports_versioning configuration for SmartStore? When a bucket exceeds the configured data retention time and the parameter remote.s3.supports_versioning=true, then m... by rbal_splunk Splunk Employee in Deployment Architecture 03-26-2024 0 5	0	5
Why are UF's are disappearing from ForwarderManagement Dear Splunkers, Can you please assist with following problem: We have more 20 UF's installed on windows machines, all... by Gene Path Finder in Deployment Architecture 03-26-2024 0 23	0	23
"Splunk.exe restart" after "splunk clone-prep-clear-config" For non-persistent Instant-clones using VMware's clone-prep I have installed the UF with the launchsplunk=0 onto the ... by Brian2024 New Member in Deployment Architecture 03-24-2024 0 1	0	1
Splunk Migration from existing server to a new server Hi,I have a requirement to upgrade RHEL from version 7.9 to 8.X, and our infrastructure team is currently in the proc... by kvm Explorer in Deployment Architecture 03-22-2024 0 1	0	1
Splunk Indexer Cluster not identifying new bundle ID when trying to deploy new config to Indexers Hi,I am trying to deploy a new index to my indexer cluster via the Cluster Master and have followed the usual documen... by jwray97 Explorer in Deployment Architecture 03-21-2024 0 2	0	2
Right number and size of hot/warm/cold buckets Here is the index stanza: [new_dex] homePath = volume:hotwarm/new_dex/db coldPath = volume:cold/new_dex/colddb thawed... by rickymckenzie10 Explorer in Deployment Architecture 03-20-2024 0 3	0	3