Deployment Architecture

Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
brettcave

Splunk shcluster configuration on master not updating config

I am trying to configure a master node in a splunk cluster to be an indexer master and shc deployer. I install Splunk...
by brettcave Builder in Deployment Architecture 10-06-2019
0 7
0
7
bmw417

Events in Index are Getting Duplicated Even Though They're Exactly The Same

I've been reading around the docs and other questions, and from what I can tell, Splunk is supposed to be taking an M...
by bmw417 New Member in Deployment Architecture 10-06-2019
0 2
0
2
naagaraj

Backup of splunk Indexes in amazon S3 bucket in splunk 7.x

Hi All, I am using splunk enterprise version 7.1. I am looking for a way to backup the splunk index data into Amazon...
by naagaraj Engager in Deployment Architecture 10-04-2019
0 1
0
1
rileyken

(unfortunately) My Splunk server is on Windows.. but I need to monitor linux servers

I have single windows server running Splunk enterprise, and I have a Linux server with the universal forwarder instal...
by rileyken Explorer in Deployment Architecture 10-04-2019
0 4
0
4
scottj1y

I can access every search head web page except for the captain

I've got a search head cluster running and have a host that I've set as the cluster captain. Other than the configur...
by scottj1y Path Finder in Deployment Architecture 10-03-2019
0 4
0
4
VijaySrrie

To make a indexer report to indexer cluster master

Our indexer cluster master has 2 indexers, one has stopped reporting The indexer which was reporting to indexer clus...
by VijaySrrie Builder in Deployment Architecture 10-03-2019
0 2
0
2
umesh_phendarka

Splunk Search Query for Logged-in Users on Linux Servers

What is the splunk Search Query for Logged-in Users on Linux Servers I want to have dashboard for currently logged i...
by umesh_phendarka New Member in Deployment Architecture 10-02-2019
0 2
0
2
jonringler

How to migrate two linux indexers into one

I am looking into simplifying my Splunk architecture. I currently have two Linux indexers in different regions. They...
by jonringler Engager in Deployment Architecture 10-02-2019
1 1
1
1
Olamide22

Deployment Clients can't check in to Deployment Server

All, I have gone through all the related threads here but I can't find a possible solution to my version of this is...
by Olamide22 Explorer in Deployment Architecture 10-02-2019
0 4
0
4
agarws8

A single forwarder has multiple GUIDs Splunk v7

On the forwarder management, I was missing a client (which is indexing data and showing in search as well) That same ...
by agarws8 New Member in Deployment Architecture 10-01-2019
0 1
0
1
zippyopsadmin

single logfile in local splunk server how to apply a multiple source type in splunk?

my local splunk master having a ossim_alarms.log file my requirement is that file to apply a multiple souretype
by zippyopsadmin New Member in Deployment Architecture 10-01-2019
0 1
0
1
robertlynch2020

How to update datamodels on a distributed system

Hi I have one search head and two indexers (Non-Clustered). So how do I update data models? (E.G new Field, update ...
by robertlynch2020 Influencer in Deployment Architecture 10-01-2019
0 5
0
5
kaskirana01

"Problem replicating config (bundle) to search peer...timed out; exceeded 60 sec" How do I resolve this error?

Problem replicating config (bundle) to search peer '10.215.3.196:8089',Reading reply to upload: rv=-2, Receive from=h...
by kaskirana01 New Member in Deployment Architecture 09-30-2019
0 2
0
2
geoppspl7

How does indexer cluster replication affect license usage?

For about a week, two of our indexers were not replicating to their slaves - oddly this reduced our license usage by ...
by geoppspl7 Explorer in Deployment Architecture 09-29-2019
1 7
1
7
thol

Missing events after network disruption

We have a index cluster with 10+ indexers running on Splunk version 6.6.1. Some of the indexed events suddenly went m...
by thol Explorer in Deployment Architecture 09-27-2019
0 2
0
2
adukes_splunk

How many indexers do I need in my Splunk deployment?

Does anyone have any good resources about indexes and index management? Before I set up a bunch of indexes, I'd like...
by adukes_splunk Splunk Employee Splunk Employee in Deployment Architecture 09-26-2019
0 3
0
3
aohls

Number of Index's to Host or Events

We are just starting to really dive into some more in depth reports. In some cases we are seeing some slow run times;...
by aohls Contributor in Deployment Architecture 09-26-2019
0 4
0
4
sachinbansal

Should we use deployment server for forwarders with index clustering?

Hi, Suppose we have index clustering implemented so can we use deployment server for forwarders? Regards, Sachin
by sachinbansal New Member in Deployment Architecture 09-25-2019
0 4
0
4
adukes_splunk

Can I use forwarders to scale my Splunk Cloud deployment?

Where can I find more information about using forwarders to manage my Splunk Cloud deployment?
by adukes_splunk Splunk Employee Splunk Employee in Deployment Architecture 09-25-2019
0 3
0
3
adukes_splunk

Can I use configuration files to extend the power of Splunk Enterprise?

Does anyone know where I can find guidance about editing configuration files?
by adukes_splunk Splunk Employee Splunk Employee in Deployment Architecture 09-25-2019
0 3
0
3
khyoung7410

Hot, warm to colddb movement

The method is which I can use (hot, warm db) for 1 year and I move to the cold db from this or greater? Description: ...
by khyoung7410 Communicator in Deployment Architecture 09-25-2019
1 6
1
6
jmulcaster_splu

Do you have any guidance about how to revitalize a Splunk Enterprise/Splunk Cloud deployment that's stuck on autopilot?

I have a Splunk Enterprise/Splunk Cloud deployment that's been on autopilot for a while. We've been adding data sourc...
by jmulcaster_splu Splunk Employee Splunk Employee in Deployment Architecture 09-25-2019
0 3
0
3
ajain_mi

App from single-instance to distributed deployment architecture.

Hi, I already have splunk app (used splunk JDK for development) which runs fine on single-instance splunk. I want t...
by ajain_mi Explorer in Deployment Architecture 09-24-2019
0 3
0
3
dave_maclean

Under what configuration file and stanza do I configure CMConfig - multisite=[true|false]?

Every 5 seconds on my deployment server (in a clustered environment), I get this in splunkd.log: WARN CMConfig - mu...
by dave_maclean Explorer in Deployment Architecture 09-24-2019
3 5
3
5
sdewar83

distributed search query works (kinda) but only returns single

Hi, We have 10 sites each with their own splunk server (search head, indexer etc). Each is collecting the same infor...
by sdewar83 Path Finder in Deployment Architecture 09-23-2019
0 3
0
3
Get Updates on the Splunk Community!

Simplifying the Analyst Experience with Finding-based Detections

    Splunk invites you to an engaging Tech Talk focused on streamlining security operations with ...

[Puzzles] Solve, Learn, Repeat: Word Search

This challenge was first posted on Slack #puzzles channelThis puzzle is based on a letter grid containing ...

[Puzzles] Solve, Learn, Repeat: Advent of Code - Day 4

Advent of CodeIn order to participate in these challenges, you will need to register with the Advent of Code ...