Hi @munang,

I agree with you that isn't so clear the managing roles division in Splunk, for this reason I voted for a proposal in Splunk Ideas (https://ideas.splunk.com/ideas/EID-I-48) to have a unique console grouping all the managing roles and i's a future prospect.

Anyway, answering to your questions:

1. Is it true that the monitoring console exists to check the indexer's health or CPU usage?

no it's a reductive affirmation: this is a part of its features: it can monitor all the activities of your Splunk on-premise infrastructure, because you can monitor all servers health status, indexing, searches, hardware resources usage, license consuption and many other things.

2. If number 1 is correct, I wonder why there is a license usage tab in the monitoring console menu. Does the monitoring console also check the license pool? (Does it also serve as a license master?)

license monitoring is one of the monitoring targets of this App, and it isn't mandatory that the MC is also the License Master.

3. Is it correct to say that the indexer cluster master is a role when divided based on Splunk components, and the monitoring console is a built-in function of the cluster master?

no it's wrong. as I said, using MC you can monitor all your Splunk on-premise infrastructure and it isn't a feature of the CM: the MC is a Search Head that usually it's better to put in a dedicated server or at least shared with a low load role as Deployer or License master, not CM or Deployment Server, except maybe (!) for little infrastructures!

Doesn't the monitoring console and the cluster master instance exist separately?

Yes they should: as I said, you can put them in the same server only in labs or for little infrastrctures.

Ciao.

Giuseppe