Deployment Architecture

Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
kimch330

how can i know the metrics logs capture from pipeline?

Hi splunkers! how can i know(/find) the metric logs capture from pipeline? I want to find the heavy forwarder resour...
by kimch330 Engager in Deployment Architecture 03-30-2020
0 0
0
0
satyenshah

Script to reload serverclasses that use a specified deployment-app

It's inconvenient that a Splunk deployment-server cannot reload an 'app'. It only reloads a 'serverclass'. Here's a...
by satyenshah Path Finder in Deployment Architecture 03-26-2020
1 0
1
0
mitag

"Master Dashboard" in a clustered instance shows only "Clustering: Search Head"

Either my instance is misconfigured - or the documentation has an error... or both? Per "Access the master dashboard...
by mitag Contributor in Deployment Architecture 03-26-2020
0 0
0
0
terpdog

server.conf creation for indexers and search heads

We are building some deployments and have noticed that when we rebuild a cluster in k8s that the "server.conf" in par...
by terpdog Explorer in Deployment Architecture 03-24-2020
0 0
0
0
ericpacker

Data Ingestion Only Works After Restart of Splunk

Scenario: I am using a script to poll cloud API for data at frequent intervals. The data is stored in archived *.csv....
by ericpacker Engager in Deployment Architecture 03-24-2020
1 0
1
0
ayushmaan

Username of person who restarted splunk

Hi everyone, I need to know the last activity of the command splunk restart. Is there a way I can find the username o...
by ayushmaan Explorer in Deployment Architecture 03-23-2020
0 4
0
4
ansif

Best Practice to send SHC cluster data to Indexer tier with SSL

Hi All, I have 2 certificates created 1 for forwarders and 1 for Indexers. Enabled SSL port as receiving port in clus...
by ansif Motivator in Deployment Architecture 03-23-2020
0 1
0
1
donaldwayne1975

UPD listening is not receiving events on one of my Universal Forwarders.

UDP listening is not working on one of my UF's. Have PCAPs confirming the events are successfully making it from the ...
by donaldwayne1975 Path Finder in Deployment Architecture 03-19-2020
0 3
0
3
sarit_s

REST API and search head cluster

Hello, In our system, Splunk REST API does a login call to Splunk in one of the search heads and gets a token from th...
by sarit_s Communicator in Deployment Architecture 03-19-2020
0 2
0
2
jeson240594

How to access REST API hosted on server using splunk Enterprise Query language

I have my API's hosted on server. I want o know if we can write a splunk query to get the data from my API. // NOTE: ...
by jeson240594 New Member in Deployment Architecture 03-19-2020
0 1
0
1
xchang1226

Why do I need layer-7 load balancer in front of Splunk Search Head Cluster

We are trying to add a load balancer in front of our Splunk Search Head Cluster (SHC), according to the official doc,...
by xchang1226 Path Finder in Deployment Architecture 03-18-2020
0 1
0
1
srikanth1216

Unable to deploy an custom app through a deployer

Hello Team , i have built search head cluster and i 'm trying to deploy and app thru deployer but getting the error ...
by srikanth1216 New Member in Deployment Architecture 03-17-2020
0 2
0
2
sarit_s

search head cluster with ansible and kubernetese

Hello how can i configure search heade cluster with ansible and kubernetese ? this is my configuration : splunk-ch...
by sarit_s Communicator in Deployment Architecture 03-16-2020
0 2
0
2
brentrmc

Why are my processing queues full on some indexers, and nearly empty on others?

In my indexer cluster, on the MC under "Indexing>Performance>Indexing Performance: Deployment" I'm noticing that some...
by brentrmc Explorer in Deployment Architecture 03-16-2020
0 5
0
5
brettcave

licensing in a distributed deployment

we've recently migrated to a distributed deployment, with a licensing server. a recent surge in events caused licensi...
by brettcave Builder in Deployment Architecture 03-16-2020
0 4
0
4
jking81

Splunk redirecting to 127.0.0.1 behind haproxy

We've added a self signed cert to our haproxy server which passes traffic on to our search head cluster. After doi...
by jking81 Explorer in Deployment Architecture 03-16-2020
0 3
0
3
rajiv_r

Migrating data from main index to new index in splunk cloud

I have pushed all my sourcetype in the main index since it was streaming through single app. Now i required to move t...
by rajiv_r Explorer in Deployment Architecture 03-16-2020
0 3
0
3
chengappamj

How to push higher Events into splunk server via TCP port.

so the case goes as such , I am only able to push btw 55-60EPS(Events per seconds) into an index via TCP port "5000"...
by chengappamj New Member in Deployment Architecture 03-14-2020
0 1
0
1
stromy

Heavy Forwarder TcpOutputProc output queue is not sending to AIO

Dears Thanks A lot for helping Already. i have 2 heavy forwarders(HF) and one Indexer(AIO) Im facing this issue fo...
by stromy Loves-to-Learn Lots in Deployment Architecture 03-13-2020
0 0
0
0
lianwan

Is it possible to merge two search clusters?

We have 2 separate search clusters fed by the same index cluster. The reason to have two search clusters was to host...
by lianwan Explorer in Deployment Architecture 03-13-2020
0 3
0
3
sunnyft

How to find the number of DNS servers issued by the DHCP servers.

How to find the number of DNS servers issued by the DHCP servers. Also, how to identify all DHCP servers in a particu...
by sunnyft Explorer in Deployment Architecture 03-12-2020
1 3
1
3
clementros

Splunk Forwarder do not send all data

Hi, I have installed splunk forwarder 8.0.2 to send data to the splunk entreprise 7.3.0. All day, multiple .err f...
by clementros Path Finder in Deployment Architecture 03-12-2020
0 6
0
6
ashrafk

Why is it not recommended to use deployment server for deploying config bundles to Search head cluster ?

Why is it not recommended to use deployment server for deploying config bundles to Search head cluster ? Why do we ne...
by ashrafk Explorer in Deployment Architecture 03-11-2020
0 5
0
5
ivohechmann

SHCluster: Deployer preserves apps instead of delete

Hello team splunk. Using Splunk 8.0.1 in clustered seach head mode. I cannot delete some apps on searchhead cluster ...
by ivohechmann Explorer in Deployment Architecture 03-11-2020
0 3
0
3
vishaltaneja070

decrease number of bundle created in /opt/splunk/var/run

Can we decrease number of bundle created in /opt/splunk/var/run this folder is having its own bundles Also, i am no...
by vishaltaneja070 Motivator in Deployment Architecture 03-11-2020
0 0
0
0
Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...
Top Solution Authors
View All