Deployment Architecture

Ask a Question

Discussions

Thread Info

Delivering Events to Splunk via MS Azure Event Hubs - Design Considerations and Recommendations

Howdy Splunk Community, I'm curious if anyone here has any experience, or is currently utilizing Splunk's "Azure F...

by Path Finder in

License Violations on Splunk free trial- How do I fix this?

Good Day, I am a brand new Splunk user who recently downloaded the free trial splunk license. I was ...

by Engager in

How can I get Splunk index daily data volume size for specific index?

how can I get Splunk index daily data volume size for a specific index? thanks,

by Communicator in

Diagram of Splunk Common Network Ports

What are Splunk Common Network Ports that I may need to open to allow traffic through a firewall?

by Motivator in

How to migrate Heavy Forwarder from Windows server to Linux Server

Hi All, Currently we are using 3 Heavy Forwarder in Windows server. Due to budget problem we are planning to move a...

by Path Finder in

Can someone explain Apps deployed via deployment server (indexer cluster) vs Apps deployed via deployer (shcluster)?

For those of you who have both indexer cluster and search head cluster, I assume you have both "deployment server" wh...

by Explorer in

Why are new indexers not updated even though indexer discovery is enabled in both master node and deployment server?

I just enabled my indexer discovery on my master node and on my deployment server. I then added three (3) new indexe...

by Observer in

What is the limit of users online in Splunk Enterprise?

Hello , I need to find which is the limit of user that can be online using Splunk Enterprise at the same time ; ...

by Engager in

Do all hot buckets of one indexer migrate to warm buckets and create small buckets...?

Do all HOT buckets of one indexer migrate to WARM buckets and create small buckets because the connection between the...

by Explorer in

Is it possible to create a cluster for the master or deployment server?

Does anyone know if it's possible to create a cluster for the deployment server or the master server? I´m asking t...

by New Member in

Why am I not receiving logs from some lists of servers when put them together, but receiving data if ran individually?

index=cgr_trial host=rp00001234 rp00002345 rp00002344

by Engager in

Is there documentation on UBA Migration - Ubuntu to RHEL

Looking to see if anyone has successfully migrated UBA nodes from Ubuntu to RHEL? We have several nodes that are EOL ...

by New Member in

How to exclude an app from being updated on shcluster?

Hello splunk team, I'm getting the following error while trying to deploy new app on our SH cluster. ...

by Loves-to-Learn Everything in

Why is splunkweb not starting on an indexer cluster member with hanging message "Waiting for web server at...to be available..."?

Hi, Sorry this could be a bit of a newb question, but I've spent a good few hours on this one and haven't managed ...

by Communicator in

Looking for a URL/API to configure on load balancer for SH healthcheck?

Hi Folks, we would like Load balancer to check Splunk search head health before redirecting. Could you please s...

by Engager in

How to exclude firewall events in Splunk?

Hi i am using palo-alto firewall. i am getting firewall logs to syslog server and monitoring those logs and forwar...

by Path Finder in

Splunk indexers diskpace mismatch in monitoring console

We have indexer cluster deployment. We recently added additional memory to all the indexers. In splunk monitoring ...

by Explorer in

No internal logs received?

Hello, Can anyone help me out with the problem of client connected to deployment server but unable to send lo...

by Loves-to-Learn in

How to resolve this Error: socket_error=connect timeout while bringing search head captain up in GCP instance.

I am getting below error while bringing up the search head captain. The instance is hosted on Google Cloud Platform: ...

by Explorer in

UF not reading all the logs in a log file

Observed a peculiar case where UF in a syslog is not reading the complete log file . If for example there exists a pa...

by Explorer in

Can the Deployment Server also be a Deployment Client?

So I know that this sounds odd. Our Deployment Server is located on our Indexer Cluster Master. We are running all ou...

by Path Finder in

What is the best method to deploy Splunk enterprise in AWS?

Been tasked with deploying a highly available and scalable setup of Splunk in AWS. I've looked briefly at two meth...

by New Member in

Created splunk_app_db_connect, but how do I restart?

help !

by New Member in

Health of splunk Deployment issue- How to fix it?

Hi, In the indexer clustering> Data Durability . Root cause(s): . search Factor is not met . U...

by Path Finder in

Kv store migration before or after Splunk upgrade to 9.0.1

Hi all, we are planing to update to version 9.0.1. and I was wondering if the kv store migration from mmap v1 to Wi...

by Explorer in

Get Updates on the Splunk Community!

Deployment Architecture

Discussions

Delivering Events to Splunk via MS Azure Event Hubs - Design Considerations and Recommendations

License Violations on Splunk free trial- How do I fix this?

How can I get Splunk index daily data volume size for specific index?

Diagram of Splunk Common Network Ports

How to migrate Heavy Forwarder from Windows server to Linux Server

Can someone explain Apps deployed via deployment server (indexer cluster) vs Apps deployed via deployer (shcluster)?

Why are new indexers not updated even though indexer discovery is enabled in both master node and deployment server?

What is the limit of users online in Splunk Enterprise?

Do all hot buckets of one indexer migrate to warm buckets and create small buckets...?

Is it possible to create a cluster for the master or deployment server?

Why am I not receiving logs from some lists of servers when put them together, but receiving data if ran individually?

Is there documentation on UBA Migration - Ubuntu to RHEL

How to exclude an app from being updated on shcluster?

Why is splunkweb not starting on an indexer cluster member with hanging message "Waiting for web server at...to be available..."?

Looking for a URL/API to configure on load balancer for SH healthcheck?

How to exclude firewall events in Splunk?

Splunk indexers diskpace mismatch in monitoring console

No internal logs received?

How to resolve this Error: socket_error=connect timeout while bringing search head captain up in GCP instance.

UF not reading all the logs in a log file

Can the Deployment Server also be a Deployment Client?

What is the best method to deploy Splunk enterprise in AWS?

Created splunk_app_db_connect, but how do I restart?

Health of splunk Deployment issue- How to fix it?

Kv store migration before or after Splunk upgrade to 9.0.1

Thanks for the Memories! Splunk University, .conf25, and our Community

Data Persistence in the OpenTelemetry Collector

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

State of SIR in ServiceNow not capturing

Offline Logging and oberservability - on permises

v0.116.0 upgrade for EKS cluster gives webhook err...

My servers class Agent allways in Pending status

splunk_internal_telemetry:53 - Failed to send tele...

Deployment Architecture

Are you a member of the Splunk Community?

Discussions