Deployment Architecture

Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
gerryha

Does Splunk keep a copy of the indexed data? What happens if indexed files are later deleted?

I guess my real question is how do I move Splunk from one company to another, including some but not all of the data ...
by gerryha Explorer in Deployment Architecture 10-19-2022
0 4
0
4
debjit_k

Is it possible to monitor when User login from suspicious country?

Hi, im working on new use case, but was stuck in few things.  I want to create a use case logic to monitors whenever ...
by debjit_k Path Finder in Deployment Architecture 10-19-2022
0 3
0
3
debjit_k

How to build search for associate event code of a user?

Hi  Hope you are doing good.. I want to build one query where I will get user with associate event code or IP for exa...
by debjit_k Path Finder in Deployment Architecture 10-19-2022
0 3
0
3
ayush1906

Why is Splunk UI Slow?

Hello,    I have setup a cluster behind aws NLB, about a month back, suddenly the UI is taking too long to load, i tr...
by ayush1906 Path Finder in Deployment Architecture 10-19-2022
0 2
0
2
giselle_531

Does anyone know a command to monitoring the web loading response (time) of a Splunk page/server?

Does anyone know a command to monitoring the web loading response (time) of a Splunk page/server? Like when you navig...
by giselle_531 Observer in Deployment Architecture 10-18-2022
0 0
0
0
chimbudp

Where is my data get stored in Splunk ?

Splunk receives raw data. Splunk indexer will index the data to Series of Events. Both the raw data and also the inde...
by chimbudp Contributor in Deployment Architecture 10-18-2022
4 7
4
7
k31453

How long does monitor rolling restart take?

Hi, So I am trying to build SPL for how long does it take to restart splunk. BIt of context, We do sometimes do rolli...
by k31453 Explorer in Deployment Architecture 10-18-2022
0 2
0
2
splunkreal

How to reset corrupt peer (indexer) from cluster?

Hello, how to remove and clean corrupt peer (indexer) from cluster? Should we stop it then after hardware maintenance...
by splunkreal Motivator in Deployment Architecture 10-18-2022
0 4
0
4
skeer007

Splunk UF inputs.conf changed to new index: Why is source still being forward to old index in Splunk Cloud?

So a few days ago I typo'd the index name in the inputs.conf file on serverA running the universal forwarder, and ina...
by skeer007 Explorer in Deployment Architecture 10-13-2022
0 10
0
10
Marlan

Why do we get "not Ready for searchable rolling restart"?

We have a 8.1.2 dployment with 2 clustered indexers and a search head cluster. We have two master nodes, one is opera...
by Marlan Explorer in Deployment Architecture 10-13-2022
0 6
0
6
POR160893

Error while linking app to Splunk directory on Putty- How can this be solved?

Hi, I am creating a React app for Splunk on a Putty terminal. I am following the following tutorial:https://splunkui....
by POR160893 Builder in Deployment Architecture 10-12-2022
0 2
0
2
kristian_kolb

Duplicate GUIDs for cloned forwarders - how to correct?

Have run into a minor problem when cloning virtual machines with a forwarder installed. Unfortunately, the guid (glob...
by kristian_kolb Ultra Champion in Deployment Architecture 10-12-2022
4 8
4
8
Chiranjeev88

How to migrate a search head cluster to standalone search head?

Hi, i have to scale down my search head cluster to a standalone one but there is no documentation anywhere, is it pos...
by Chiranjeev88 Explorer in Deployment Architecture 10-11-2022
0 6
0
6
shrutheen

Increasing Replication and Search Factor

I have 3 Search Heads and 3 Indexers with Replication Factor =1 and Search Factor=1. My requirement is to increase th...
by shrutheen Explorer in Deployment Architecture 10-11-2022
0 1
0
1
dablab

Is it possible to allow users outside of my network to access Splunk Enterprise?

Am I able to set up a Splunk instance that would allow users outside of my network to enter my Splunk instance in a V...
by dablab Explorer in Deployment Architecture 10-11-2022
0 1
0
1
Sithima

How is Splunks performance affected when the status of the buckets become red in health check?

How does Splunk performance affect, when the status of "buckets_created_last_60m" and "percent_small_buckets_created_...
by Sithima Explorer in Deployment Architecture 10-07-2022
0 1
0
1
risingflight143

Splunk service active (exited) 8.2.2.0

On one of my RHEL 7.9 server, i am seeing splunk service is Active:active(exited). i am using 8.2.2.0. please guide m...
by risingflight143 Explorer in Deployment Architecture 10-05-2022
0 1
0
1
jpfrancetic

Why are Universal Forwarders not getting pushed config apps?

Hi Splunk community, I am currently having an issue with deploying apps to universal forwards.  On the deployment ser...
by jpfrancetic Path Finder in Deployment Architecture 10-04-2022
0 1
0
1
yiweishih

How to remove the decommissioned VM from Splunk Cloud?

I destroyed some VMs in my production recently. But I can still them in the page: "IT Essentials Work" => "Infrastruc...
by yiweishih Explorer in Deployment Architecture 10-03-2022
0 2
0
2
debjit_k

How to write a search to get total license warning?

Hi  Hope you are doing good.. I'm having a small query I want to check my license warning on my splunk with date I.e....
by debjit_k Path Finder in Deployment Architecture 10-02-2022
0 1
0
1
ejharts2015

Virustotal Checker: Why are we receiving "Socket Timeout. Check Your Internet Connection" error in the vtc_message field?

We just upgraded to the VirusTotal Checker 1.3 version and now we get a "Socket Timeout. Please Check Your Internet C...
by ejharts2015 Communicator in Deployment Architecture 10-01-2022
1 5
1
5
Christians86

Why can't I connect to splunk when using VM - splunk enterprise trial version

    Hi, I have had this problem twice now on two different computers.    I install debian/ubuntu Then I use the .deb ...
by Christians86 Explorer in Deployment Architecture 10-01-2022
0 7
0
7
rvdv

Can volume definitions point to a unique path per indexer in an indexer cluster?

Hi, I have a question related to defining volumes especially the coldvolume in our case. I want to point the coldvolu...
by rvdv Explorer in Deployment Architecture 09-28-2022
0 2
0
2
ates77

Why are tcp logs duplicating on splunk?

Our firewall logs shows twice on splunk. I configured rsyslog server with tcp. When I configure the log server with u...
by ates77 Explorer in Deployment Architecture 09-28-2022
1 1
1
1
fredclown

Should Hot/Warm and Cold storage be on physically different volumes?

We are in the process of building out a whole new Splunk environment. As a result we are trying to be thoughtful abou...
by fredclown Builder in Deployment Architecture 09-27-2022
0 2
0
2
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Get Updates on the Splunk Community!

Splunk Enterprise Security(ES) 7.3 is approaching the end of support. Get ready for ...

Hi friends!    At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk, and empower your SOC to reach new heights! Duration: 1 hour  Prepare to ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...
Top Solution Authors
View All