Deployment Architecture

set up an alert for SHC members

bsrikanthreddy5
Path Finder

I have my Search head cluster in AWS and I am looking to set up an alert each time new SHC members get added to the SHC cluster and old members get removed. 


I came across enabling "DMC Alert - Search Peer Not Responding", but it checks for all members (CM, Indexers, SHC members) added to MC . 

Can you please suggest if there is any other way to set up only for SHC members?  

Labels (1)
0 Karma

isoutamo
SplunkTrust
SplunkTrust

Probably you should keep inventory for members of that SHC nodes and in regular base run alert which check current situation towards that inventory. When there are changes then update inventory also.

I cannot check exactly commands now, but you could use rest + internal indexes to get those information. More about those e.g. https://community.splunk.com/t5/Deployment-Architecture/Is-there-a-REST-API-call-for-getting-the-sta...

r. Ismo

0 Karma
Get Updates on the Splunk Community!

Monitoring MariaDB and MySQL

In a previous post, we explored monitoring PostgreSQL and general best practices around which metrics to ...

Financial Services Industry Use Cases, ITSI Best Practices, and More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Splunk Federated Analytics for Amazon Security Lake

Thursday, November 21, 2024  |  11AM PT / 2PM ET Register Now Join our session to see the technical ...