Solved: What is aggregation in Splunk?

eitherlucas · ‎07-25-2019

The instruction of my project is: All local event logs must be duplicated to Splunk for events aggregation. In addition, I must aggregate events from one Centos 7 Virtual Machine to another Centos 7 virtual machine. I'm just new to Splunk and I don't quite understand what it means or how to even do it.

chinmoya · ‎07-25-2019

I am not quite sure what you want since the data provided are very limited.

But it seems like you want your data of one Splunk instance to be copied to another Splunk instance.
This can be done by indexer clustering.

Check out the below link it might help you out.

https://docs.splunk.com/Documentation/Splunk/7.3.0/Indexer/Basicclusterarchitecture

View solution in original post

chinmoya · ‎07-25-2019

I am not quite sure what you want since the data provided are very limited.

But it seems like you want your data of one Splunk instance to be copied to another Splunk instance.
This can be done by indexer clustering.

Check out the below link it might help you out.

https://docs.splunk.com/Documentation/Splunk/7.3.0/Indexer/Basicclusterarchitecture

What is aggregation in Splunk?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join the Conversation

What is aggregation in Splunk?

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk