Solved: Re: Why am I unable to create a connection between...

qazwsxedc994 · ‎07-16-2015

I am trying to create a splunk environment with an Indexer, Search Head, Forwarder and a Deployment Server, however, I can't get any connectivity between any of my instances. In terms of configuration I have Splunk properly installed on all my instances along with:

Indexer: enable listen 9997 -auth admin:changeme

search head:
outputs.conf
[indexAndForward]
index = false

[tcpout]
forwardedindex.filter.disable = true
indexAndForward = false

[tcpout:my_search_peers]
server= INDEXER_IP:9997
autoLB = true

add search-server -host INDEXER_IP:8089
restart
splunk edit licenser-localslave -master_uri 'https://search_head_ip:8089'

Forwarder
splunk add forward-server INDEXER_IP:9997

Deployer
{SPLUNK_FWD_HOME}/etc/apps/deployclient/local/deploymentclient.conf
[deployment-client]
[target-broker:deploymentServer]
targetUri = <DEPLOY_IP>

Have I missed anything here or have I done something wrong?

Cheers for any help!

qazwsxedc994 · ‎07-16-2015

I fixed my own problem. I forgot to enable distributed search on the indexer.

./splunk enable dist-search -auth admin:changeme

View solution in original post

qazwsxedc994 · ‎07-16-2015

I fixed my own problem. I forgot to enable distributed search on the indexer.

./splunk enable dist-search -auth admin:changeme

Why am I unable to create a connection between any of my instances trying to set up a distributed search environment?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor