Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Migrating Users from standalone to a cluster

robertlynch2020
Influencer
‎10-09-2020 01:54 AM

Hi

I am moving from one machine to a 5 machine cluster.

  • 1 SH
  • 1 Master Node
  • 3 Indexer

What are the steps I need to migrate all my users? And to what machine do I need to copy the new files to?

Thanks in Advance

Rob

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

inventsekar
SplunkTrust
SplunkTrust
‎10-09-2020 03:03 AM

Hi @robertlynch2020 

From https://community.splunk.com/t5/Archive/How-to-migrate-users-to-a-search-head-cluster/m-p/397704

- On each search head, I made a backup of etc/passwd (which contains only the admin user)
- I then copied the etc/passwd file from my stand-alone Splunk to each search head
- On the copied passwd file, I replaced the admin entry with the one from my backup passwd
- I restarted all my search heads

Result:
- I can successfully login to my search head using the users (with their passwords) contained in the copied passwd.
- I can also login to my search head using the admin and its pwd which I specified when I setup the new search header cluster

 

Splunk Documentation:

https://docs.splunk.com/Documentation/Splunk/8.0.6/DistSearch/Migratefromstandalonesearchheads

 

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !

View solution in original post

Reply
Solved! Jump to solution

robertlynch2020
Influencer
‎10-09-2020 06:01 AM

Thanks,  this worked

  • copy of three tings
  • /etc/users , /etc/system/local/authorize.conf , /etc/passwd
  • Then restart
Reply
Solved! Jump to solution
Solution

inventsekar
SplunkTrust
SplunkTrust
‎10-09-2020 03:03 AM

Hi @robertlynch2020 

From https://community.splunk.com/t5/Archive/How-to-migrate-users-to-a-search-head-cluster/m-p/397704

- On each search head, I made a backup of etc/passwd (which contains only the admin user)
- I then copied the etc/passwd file from my stand-alone Splunk to each search head
- On the copied passwd file, I replaced the admin entry with the one from my backup passwd
- I restarted all my search heads

Result:
- I can successfully login to my search head using the users (with their passwords) contained in the copied passwd.
- I can also login to my search head using the admin and its pwd which I specified when I setup the new search header cluster

 

Splunk Documentation:

https://docs.splunk.com/Documentation/Splunk/8.0.6/DistSearch/Migratefromstandalonesearchheads

 

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
Reply
Get Updates on the Splunk Community!

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...