Deployment Architecture

Community Activity

Splunk forwarder not detected Hello everyone,I have set up my Splunk server and Splunk forwarder. When I explore the settings, I can see one host a... by emreorhan Engager in Deployment Architecture 11-03-2024 0 3	0	3
Dispatch directory full Hi, if an environment encounters the error 'Search not executed: The minimum free disk space (5000MB) reached for /op... by enzomialich Path Finder in Deployment Architecture 11-01-2024 0 4	0	4
Splunk Forwarder Management Host List Is the List of Clients Displayed on the Forwarder Managment Console Synchronized with other Splunk Servers? We have ... by earl-b Engager in Deployment Architecture 10-30-2024 0 1	0	1
SearchHead with different times (_time) Good morning,I need help. I have three SearchHead servers.Two of them (SH1 and SH2) are presenting the "_time" field ... by isac_santana Explorer in Deployment Architecture 10-30-2024 0 3	0	3
Splunk Disaster Recovery I've been researching this topic for a while and am surprised I haven't really found a lot of data on this. I need t... by gnovak Builder in Deployment Architecture 10-29-2024 6 6	6	6
Unable to remove records from the Deployment Server Hi guys, i'm in need to delete some records from the deployment server although, when i do it via the forwarder manag... by TF39 Engager in Deployment Architecture 10-29-2024 1 5	1	5
Raft State Machine Hi.I do not understand well the SHC config,[raft_statemachine] disabled = <boolean> * Set to true to disable the raf... by verbal_666 Builder in Deployment Architecture 10-26-2024 0 7	0	7
LDAP bind password left in clear text on deployer What would be the proper way to push an authentication.conf from the deployer and have the bind password not left in ... by nyajoefit22 Loves-to-Learn Lots in Deployment Architecture 10-25-2024 0 3	0	3
Impossible to remove search head cluster I configured a search head cluster and configured a captain and added the searchheads to the indexer cluster.I now wa... by d123r432k Engager in Deployment Architecture 10-25-2024 0 4	0	4
Unable to fetch logs from Index in Search Head Hello,I have configured an index inside an indexer and when i try to fetch data from that index in search head not ge... by RAVISHANKAR Loves-to-Learn Lots in Deployment Architecture 10-25-2024 0 7	0	7
Props.Conf - By-Pass Hello ,i have a common log file which same name in both production and stage with different name for sourcetype.As i ... by RAVISHANKAR Loves-to-Learn Lots in Deployment Architecture 10-25-2024 0 5	0	5
OLD Indexers still give errors on SH-CLUSTER restart Hi there.This morning i did a SHC restart, and found something very strange from SHC Members,WARN DistributedPeer [1... by verbal_666 Builder in Deployment Architecture 10-24-2024 0 3	0	3
Adding a new search head to an existing Search Head Cluster, if I want to add the same users from LDAP, can I just copy authorize.conf & authorization.conf? I am adding a new search head to the existing search head cluster. I want to add the same users to the new search hea... by rcreddy06 Path Finder in Deployment Architecture 10-23-2024 2 3	2	3
Splunk indexer hot bucket roll to smartstore I am planning on upgrading our Splunk infrastructure which requires our Splunk indexers to go offline for few minutes... by Richy_s Path Finder in Deployment Architecture 10-22-2024 0 4	0	4
How to configure universal forwarder to send logs to Logstash for DB Connect? I'm trying to configuring Splunk Universal Forwarder to send logs to Logstash.I only have access to the Universal For... by pete00 Loves-to-Learn Everything in Deployment Architecture 10-21-2024 0 13	0	13
Splunk Distributed Deployment: Best Practisce Hello,I am writing to ask from which point regarding the EPS OR Daily ingested GB/day and the number of users simulta... by AliMaher Path Finder in Deployment Architecture 10-20-2024 0 5	0	5
Deployment Options Had some basic queries - Can splunk be deployed as a CNF on Redhat OpenShift Cloud Platform ??Also is the same deploy... by virgupta New Member in Deployment Architecture 10-18-2024 0 1	0	1
How to monitor Indexer rolling start from Internal logs Hi all, I am trying to build a query to monitor my indexer rolling restart I would like to know how much time it has ... by deepthi5 Path Finder in Deployment Architecture 10-16-2024 0 1	0	1
How to replicate or have a copy of index in two different Splunk Indexer located in different place. Currently I am having a Splunk Indexer with multiple Indexes and a Search Head.I would like to have one or two indexe... by RAVISHANKAR Loves-to-Learn Lots in Deployment Architecture 10-15-2024 0 2	0	2
streamfwd app error in /var/log/splunk/streamfwd.log Hello! I am trying to get the streamfwd app to capture traffic on an interface located on my virtual machine.Does thi... by johnncennaa Engager in Deployment Architecture 10-14-2024 1 8	1	8
Search head's authentication credentials rejected by peer Hi,I encountered an issue where my indexer disconnected from the search head (SH), and similarly, the SH and indexer... by BRFZ Communicator in Deployment Architecture 10-14-2024 0 1	0	1
Splunk hight monitoring memory vs VM low memory used Hi splunkers ! I got a question about memory. In my splunk monitoring console, I get approx 90% of memory used by sp... by _olivier_ Path Finder in Deployment Architecture 10-14-2024 0 2	0	2
Index Volume Location On Search Heads still a total newb here so please be gentle, on Microsoft Window 2019 servers we have an Index cluster and here's how... by Gregski11 Contributor in Deployment Architecture 10-11-2024 0 3	0	3
Splunk-Operator Indexer Cluster Access Issues I am testing out the Splunk Operator Helm chart to deploy a C3 architecture Splunk instance. At the moment everything... by ZimmermanC1 Explorer in Deployment Architecture 10-08-2024 0 2	0	2
Passing multiple tokens to another dashboard using dashboard studio Hi All,I have a dashboard built using dashboard studio. I want to pass multiple tokens to another dashboard on click ... by Poojitha Communicator in Deployment Architecture 10-08-2024 0 1	0	1