Deployment Architecture

Community Activity

Possible combinations of Splunk Instances with different Roles Hi all, I'm often facing the question in which way Splunk Instances with different Roles can be combined - especially... by christian_l Path Finder in Deployment Architecture 05-26-2020 2 5	2	5
Why did our search head crash? and how can we prevent it? Our search head crashed, saying - -- Apr 23 09:00:35 kernel: Out of memory: Kill process 2137 (splunkd) score 162 or ... by danielbb Motivator in Deployment Architecture 05-25-2020 0 2	0	2
Why are Security Roles, Indexes not showing up on SHC? I have a number of indexes that only exist on the indexers. In the past, I know that I have been able to select them ... by JDukeSplunk Builder in Deployment Architecture 05-25-2020 1 4	1	4
Web_service.log is empty after upgrading from Splunk version 7.3 to 8.0. I have just upgraded my Splunk deployment server from 7.3 to 8.0 and after upgrading the web UI will not come up. I w... by dolj Explorer in Deployment Architecture 05-24-2020 0 6	0	6
Deployment Server and deployment apps issue. I am having issues with my deployment app config files. Whenever I edit the config file for my applications in my dep... by splunktrainingu Communicator in Deployment Architecture 05-22-2020 0 1	0	1
Any Risk if increased/decreased index data size Hi, I have created one index of size 500GB(maxTotalDataSizeMb) and also included frozen path where data will get stor... by ips_mandar Builder in Deployment Architecture 05-22-2020 0 1	0	1
Splunk using 8089 port for SSL Version 1 and 3 Protocol communication As the security search report,Security team find out port 8089 had a some of the security issue here. How I can di... by soralai New Member in Deployment Architecture 05-22-2020 0 1	0	1
No route to host at 8089 cluster My indexer cluster is down except for 1 out of 6. 8089 is suddenly not working for indexers and CM<>indexer comms and... by mguhad Communicator in Deployment Architecture 05-22-2020 0 17	0	17
Splunk not restart Hi experts, I try to restart our splunk server, but its not start. Earlier I try to start from UI, but it not start. ... by arun_kant_sharm Path Finder in Deployment Architecture 05-21-2020 0 10	0	10
Search Heads are unable to distribute to Indexers Find that it has the frequent error message that the search head cannot connect to the Indexer. "Unable to distribute... by tlam_splunk Splunk Employee in Deployment Architecture 05-21-2020 0 2	0	2
How to package custom app in Default splunk package / executable? Hi folks, I have a requirement to add custom app in the default splunk executable. Currently, we are having splunk .t... by ayush1906 Path Finder in Deployment Architecture 05-21-2020 0 4	0	4
How do we handle servers with untuned NTP service? We occasionally come across servers with universal forwarders or devices that send syslog and their NTP service is of... by ddrillic Ultra Champion in Deployment Architecture 05-21-2020 0 3	0	3
Search head had bad DNS entry - Now can't delete it from the cluster There was an extra incorrect A record in DNS for one of my search heads that I am building. As a result when I tried ... by morphis72 Path Finder in Deployment Architecture 05-21-2020 0 3	0	3
UniversalForwarder ParsingQueue filling up I have been troubleshooting blocked queues, and been gradually eliminating them. My last step was to switch from a he... by oliverj Communicator in Deployment Architecture 05-21-2020 0 8	0	8
Get data from different Splunk Instances? Hi, I have 3 different instances that are totally separate. First one is Standalone single SH Enterprise serverIndexe... by gyarici Path Finder in Deployment Architecture 05-20-2020 0 9	0	9
Identify Splunk instance role Hi, I need to find a way to identify if a Splunk instance is a an HF/UF/Indexer?Deployer/Deployment Server etc. in a... by mbasharat Builder in Deployment Architecture 05-19-2020 0 1	0	1
Can one dismiss the "Disconnected from Splunk server" When the connection to Splunk is lost, the "Disconnected from Splunk server" message appears and the backdrop obscure... by malvidin Communicator in Deployment Architecture 05-19-2020 0 0	0	0
Splunk Forwarders Input.Conf Setting Environment Variable I am looking for a way to deploy Splunk Forwarders to a Server Farm. I would like to package the installation and the... by ezajac Path Finder in Deployment Architecture 05-19-2020 0 6	0	6
DNS load balancing deployment client traffic I would like to be able distribute the load of universal forwarder based deployment client traffic across my pool of ... by dstaulcu Builder in Deployment Architecture 05-19-2020 0 15	0	15
How can I run S3 compatibility checking tool to test a object storage? I want to use a object storage（not AWS，but use S3） as splunk smartstore。So I use S3 compatibility tool offerd by splu... by xccfff New Member in Deployment Architecture 05-19-2020 0 0	0	0
Indexer Splunkd services are not able to run Please any one help on this In indexer cluster environment one of the Indexer got stopped unable to start/restart C... by phanichintha Path Finder in Deployment Architecture 05-18-2020 0 1	0	1
Questions about data models, data architecture, and performance implications. I have several questions about data architecture that are rooted in CIM data models and performance considerations. B... by joshbeckett Explorer in Deployment Architecture 05-15-2020 1 1	1	1
License usage in Indexer Cluster Hello, I have a simple question, Does using indexer clustering affect Index Per Day license usage? for example, if I ... by jg91 Path Finder in Deployment Architecture 05-14-2020 0 3	0	3
If maxDataSize in indexes.conf is for hot buckets, then what parameter needs to be defined to set the size for warm and cold buckets? In indexes.conf, it is given that "maxDataSize: The maximum size in MB for a hot DB to reach before a roll to warm is... by ankithreddy777 Contributor in Deployment Architecture 05-13-2020 0 6	0	6
how to configure Splunk search head cluster behind an F5 load balancer ? We don’t have anything set up currently for load balancing and this is something we are planning for first time using... by spsrasru Path Finder in Deployment Architecture 05-13-2020 0 8	0	8