Deployment Architecture

Community Activity

Kv store migration before or after Splunk upgrade to 9.0.1 Hi all,we are planing to update to version 9.0.1. and I was wondering if the kv store migration from mmap v1 to Wired... by daisy Explorer in Deployment Architecture 11-03-2022 0 2	0	2
Should a deployment server delete an application? The following documentation is from the URL http://docs.splunk.com/Documentation/Splunk/5.0.4/Deploy/Updateconfigurat... by lisaac Path Finder in Deployment Architecture 11-03-2022 0 4	0	4
Windows logs- Do security logs also help to monitor NTFS? Hi, Hope you are doing good just have 1 doubt.. On our Splunk windows, we have onboarded the security logs, so my do... by debjit_k Path Finder in Deployment Architecture 11-03-2022 0 3	0	3
Multi-tiered deployment arcitecture Hello Splunkers.I would like to ask for some advice from you, as we are planning to replace a lot of rsync scripts t... by Fonzie2k Path Finder in Deployment Architecture 11-02-2022 0 0	0	0
Deployment Server vs. Deployer- Can I send apps from the Deployment Server to the Deployer? I do now that you need a Deployer to send apps to a Search Head Cluster, but there are one thing I do not find any an... by jotne Builder in Deployment Architecture 11-01-2022 0 6	0	6
How to resolve Captain Connection error? Dears, We have the 3 SHC servers, and appearing below error in the health check icon on all SCH servers, you can see ... by Abdullah Explorer in Deployment Architecture 10-30-2022 0 2	0	2
How to deploy Splunk HF to two indexers? hi experts trying to deploy a HF and forward logs to 2 different indexers. clone datai have 2 UFs feeding windows and... by siuolkl Explorer in Deployment Architecture 10-29-2022 0 2	0	2
Cluster Map: Problem with Zoom & Center in Dashboard Good day fellow Splunkers! I'm having a small trouble with a Cluster Map in one of my dashboards which is driving me... by faguilar Path Finder in Deployment Architecture 10-29-2022 0 14	0	14
How to find time range and 1st and last event indexed in warm bucket events? Hello, I have a corrupted warm bucket. What I am trying to do is to find out is the time interval of the events store... by aatik5u Path Finder in Deployment Architecture 10-28-2022 0 3	0	3
Is there a way to not lose all the events in this bucket with a corrupted journal.zst file? Hello everyone! I am working on test environment where I only have one Splunk instance. I edited on the journal.zst f... by aatik5u Path Finder in Deployment Architecture 10-28-2022 0 2	0	2
Why are the indexers disk usage more than the smartstore volume? Hi, We have close to 1000 indexers in our splunk cluster on AWS. Each indexer has 15TB SSD local storage. Our retenti... by vtalanki Path Finder in Deployment Architecture 10-21-2022 0 3	0	3
Configuring Docker Splunk clustered searchhead to interact with external indexers Hello, I am trying to create a new clustered search head and was planning to create this using the docker images, I h... by ersky Observer in Deployment Architecture 10-20-2022 0 0	0	0
Does Splunk keep a copy of the indexed data? What happens if indexed files are later deleted? I guess my real question is how do I move Splunk from one company to another, including some but not all of the data ... by gerryha Explorer in Deployment Architecture 10-19-2022 0 4	0	4
Is it possible to monitor when User login from suspicious country? Hi, im working on new use case, but was stuck in few things. I want to create a use case logic to monitors whenever ... by debjit_k Path Finder in Deployment Architecture 10-19-2022 0 3	0	3
How to build search for associate event code of a user? Hi Hope you are doing good.. I want to build one query where I will get user with associate event code or IP for exa... by debjit_k Path Finder in Deployment Architecture 10-19-2022 0 3	0	3
Why is Splunk UI Slow? Hello, I have setup a cluster behind aws NLB, about a month back, suddenly the UI is taking too long to load, i tr... by ayush1906 Path Finder in Deployment Architecture 10-19-2022 0 2	0	2
Does anyone know a command to monitoring the web loading response (time) of a Splunk page/server? Does anyone know a command to monitoring the web loading response (time) of a Splunk page/server? Like when you navig... by giselle_531 Observer in Deployment Architecture 10-18-2022 0 0	0	0
Where is my data get stored in Splunk ? Splunk receives raw data. Splunk indexer will index the data to Series of Events. Both the raw data and also the inde... by chimbudp Contributor in Deployment Architecture 10-18-2022 4 7	4	7
How long does monitor rolling restart take? Hi, So I am trying to build SPL for how long does it take to restart splunk. BIt of context, We do sometimes do rolli... by k31453 Explorer in Deployment Architecture 10-18-2022 0 2	0	2
How to reset corrupt peer (indexer) from cluster? Hello, how to remove and clean corrupt peer (indexer) from cluster? Should we stop it then after hardware maintenance... by splunkreal Motivator in Deployment Architecture 10-18-2022 0 4	0	4
Splunk UF inputs.conf changed to new index: Why is source still being forward to old index in Splunk Cloud? So a few days ago I typo'd the index name in the inputs.conf file on serverA running the universal forwarder, and ina... by skeer007 Explorer in Deployment Architecture 10-13-2022 0 10	0	10
Why do we get "not Ready for searchable rolling restart"? We have a 8.1.2 dployment with 2 clustered indexers and a search head cluster. We have two master nodes, one is opera... by Marlan Explorer in Deployment Architecture 10-13-2022 0 6	0	6
Error while linking app to Splunk directory on Putty- How can this be solved? Hi, I am creating a React app for Splunk on a Putty terminal. I am following the following tutorial:https://splunkui.... by POR160893 Builder in Deployment Architecture 10-12-2022 0 2	0	2
Duplicate GUIDs for cloned forwarders - how to correct? Have run into a minor problem when cloning virtual machines with a forwarder installed. Unfortunately, the guid (glob... by kristian_kolb Ultra Champion in Deployment Architecture 10-12-2022 4 8	4	8
How to migrate a search head cluster to standalone search head? Hi, i have to scale down my search head cluster to a standalone one but there is no documentation anywhere, is it pos... by Chiranjeev88 Explorer in Deployment Architecture 10-11-2022 0 6	0	6