Solved: which components of splunk should be configured as...

AzmathShaik · ‎08-25-2016

Hello splunkers

in my environment i have
--- 40+ universal forwarders
--- 1 indexer cluster with 3 peer nodes
--- 1 indexer master node
--- 1 deployer
--- 1 search head cluster with 3 nodes
--- 1 license master

i am confused in configuring license slaves.. out of all the components on which i should Configure a license slave

Thanks in Advance

Raghav2384 · ‎08-25-2016

@AzmathShaik,

Entire Indexer Cluster
Cluster Master
Deployer Node
3 Search heads (SHC)

should be added as slaves to the License Master.

So, basically everything except universal forwarders needs to be added as Slaves in your case.

Please read: http://docs.splunk.com/Documentation/Splunk/6.4.2/Admin/Configurealicensemaster

Hope this Helps!

Thanks,
Raghav

View solution in original post

Raghav2384 · ‎08-25-2016

@AzmathShaik,

Entire Indexer Cluster
Cluster Master
Deployer Node
3 Search heads (SHC)

should be added as slaves to the License Master.

So, basically everything except universal forwarders needs to be added as Slaves in your case.

Please read: http://docs.splunk.com/Documentation/Splunk/6.4.2/Admin/Configurealicensemaster

Hope this Helps!

Thanks,
Raghav

AzmathShaik · ‎08-25-2016

hello

may i know how can i add search head cluster members as license slave to license master???

Raghav2384 · ‎09-01-2016

Either through server.conf where under license stanza you provide the uri to LM OR

via GUI where you select , associate with a license master and provide the mgmt_uri for LM

which components of splunk should be configured as LICENSE SLAVEs??

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases