Deployment Architecture

Community Activity

Index Clustering Just got my license this past week and I've been having a blast setting up. Amazing program. Anyway, I'm running in... by teak421 Path Finder in Deployment Architecture 03-02-2020 0 3	0	3
splunk distributed environment issues I have some questions that i hope someone can help me clarifying them : 1) In an indexer cluster, can i install apps ... by elkhafif Explorer in Deployment Architecture 03-01-2020 0 4	0	4
When I run $SPLUNK_HOME/bin/splunk apply shcluster-bundle it runs successfully but when i open the searh head members no apps are installed !! HI, I have a critical issue , When I run $SPLUNK_HOME/bin/splunk apply shcluster-bundle it runs successfully but when... by elkhafif Explorer in Deployment Architecture 02-29-2020 0 4	0	4
How to fix sourcetype(s) without a corresponding license pool Dear supports, I use the OEM license, which means you can only usr the specific fixed prefix sourcetype "psc_". ... by liang_psc New Member in Deployment Architecture 02-27-2020 0 2	0	2
SHC member nodes status flickering on the 'indexer clustering' page Hello, We are running Splunk version 7.1.3. We have 2 SHCs connected to our indexers. For one of the SHCs, the SHC ... by rahul_bhatia New Member in Deployment Architecture 02-27-2020 0 9	0	9
How many apps can I deploy in Universal Forwarder? Hi everybody, I'm trying to deploy 2 apps in an universal forwarder from a deployment server. The problem that I'm e... by splunk_soc360 New Member in Deployment Architecture 02-27-2020 0 3	0	3
Deployment server and Deployer Server on a single splunk instance Hi Splunkers Can I use one single splunk instance as both the Deployer and Deployment server? If yes what are the pr... by aruncp333 Explorer in Deployment Architecture 02-26-2020 0 2	0	2
Getting "Error while fetching apps baseline on target=http://:8089: Network-layer error: Connection reset by peer'" trying to deploy apps to a search head cluster I'm having an issue running the command: splunk apply shcluster-bundle -target http://<cluster_captain>:8089 This ... by jking81 Explorer in Deployment Architecture 02-26-2020 0 4	0	4
I have an index created and the same index I named in inputs.conf but once I restart the forwarder it says the index is not configured ? Search peer xxx(servername) has the following message: Received event for unconfigured/disabled/deleted index=\xC2\xA... by akumarsripathi Observer in Deployment Architecture 02-24-2020 0 1	0	1
Is it possible to populate lookups in a SHC from a Heavy Forwarder I am using an app that pulls data from a provider (aws). Our current setup is as follows: App is installed on a heav... by brettcave Builder in Deployment Architecture 02-24-2020 0 1	0	1
Uninstall Splunk on Linux In the guide for uninstalling Splunk from Linux, it says; "rpm -e splunk_product_name". What is meant by, "splunk_pro... by Bill_B Communicator in Deployment Architecture 02-24-2020 0 7	0	7
Workload Management Configuration Currently the setup is likes this where i want to implement Workload Management ,so that the jobs need to balance all... by rafeeqsid25 New Member in Deployment Architecture 02-24-2020 0 3	0	3
Why deleted events reappear in indexcluster? Hi community, Sometimes we have to delete events in splunk especially because some GDPR reasons. After 5 year using ... by marcohoffmann Explorer in Deployment Architecture 02-24-2020 1 8	1	8
Move three indexes to another volume/paritition we are facing the disk space in HQ site with almost all the indexers with 95% disk space is fully utilized. Total di... by riqbal47010 Path Finder in Deployment Architecture 02-23-2020 0 7	0	7
Blue-Green deployment for Splunk cluster for achieving near zero downtime during any upgrade I have a Splunk cluster consisting of a Master , 2 search-heads and 2 indexers. The indexers receive logs from forwar... by shaileshr1 Engager in Deployment Architecture 02-21-2020 1 1	1	1
Issue in Splunk Deployment Server Setup Hi, I am using a Splunk indexer as a deployment server. I have installed forwarders in about 15 machines and I am fe... by naagaraj Engager in Deployment Architecture 02-21-2020 0 3	0	3
If I cluster do I need RAID? Hi we are about to move from single install to cluster Install on 3 machines (1 search head and 3 indexers) and we a... by robertlynch2020 Influencer in Deployment Architecture 02-21-2020 0 4	0	4
How to add additional SPLUNK_COLD_DB path? We are running splunk 6.3.3 with a clustered environment (index cluster and search head cluster) Below is how our ind... by sim_tcr Communicator in Deployment Architecture 02-21-2020 0 4	0	4
how to find activities performed by users in unix server? Looking to collect activities performed by user in unix servers. Currently able to identify login activity. Also, t... by santhoshpriyan New Member in Deployment Architecture 02-20-2020 0 3	0	3
Custom audit path with rlog.sh Hi, I have audit data coming from a port (UDP) to Heavy Forwarder[via syslog] and have to apply rlog.sh on the same.... by payal23 Path Finder in Deployment Architecture 02-20-2020 0 3	0	3
Splunk Forwarder connection to Cluster Master Hi All, I am trying to build a query through which we can track if all the Splunk forwarders are connected to Cluste... by samadmemon Explorer in Deployment Architecture 02-18-2020 0 7	0	7
How to specify the storage ratio? Hi, splunkers: Is there any way to special the storage ratio? Like 30% log store on indexer A and the other 70% sto... by aojie654 Path Finder in Deployment Architecture 02-17-2020 0 4	0	4
Is there a way to share a Data Model across 2 Search Head Clusters Hi, We would like to use the same Data Model (same field extractions, same events, same acceleration window, etc.) i... by ctaf Contributor in Deployment Architecture 02-17-2020 1 4	1	4
How do I use the same data model on multiple search heads? Hi, I have 2 independent Search Heads (SH) (no clustering) and they use the same indexers. On the first SH: I have... by secuc2r83 Path Finder in Deployment Architecture 02-17-2020 0 10	0	10
Why is the search head status is flickering in the indexer clustering?` Search heads are up and healthy, but there is a fluctuation in the Search head status in the indexer clustering. Can... by AbilashSe Explorer in Deployment Architecture 02-17-2020 0 5	0	5