Re: What is the best way to check for hostname con...

ppeterson · ‎10-19-2016

I am looking for ideas on how to verify hostnames are correct when writing to the indexes and when phoning home as I have encountered a fair number of UF's that were renamed and this is causing some reporting issues. I was looking for ideas on how other may have handled this, particularly in a mixed environment of Windows and Linux.

ddrillic · ‎10-19-2016

What drives me bananas about this consistency issue, is the fact that some Linux servers hold the domain name as part of the server name (via uname -a) and some don't, in our company. We try to identify it during the sanity checks. Whether you want the domain name or not, you need to decide and override it, if needed.

It's at $SPLUNK_HOME/etc/system/local/server.conf -

serverName = <host>.<domain>.com

Or without the domain.

ppeterson · ‎10-20-2016

Glad to see I'm not suffering alone! I'm looking to leverage the Deployment Server an/or DMC to come up with a workable solution. With the amount of cloning and remames this is a bit of an issue with nearly 7000 UF's.

ddrillic · ‎10-20-2016

7000 UF's - serious stuff. Nothing should be manual at this scale...
Be sure that each UF server is configured correctly. We are running into issues of consistent crashes of the UFs. Quite often the ulimit -n (open files) is at 1024 versus the minimum of 8192. Lots of grief ; -)

What is the best way to check for hostname consistency in Linux and Windows UF deployments?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor