Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

In which config file are DMC roles and DMC Distributed mode defined?

ncrisler
New Member
‎03-21-2017 08:31 PM

Currently working on automation a Splunk build and am wondering where DMC roles and DMC distributed mode are defined from a config file perspective.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jwelch_splunk
Splunk Employee
Splunk Employee
‎03-22-2017 05:38 AM

The main thing this looks at is all under the splunk_monitoring_console

lookups/assets.csv
local/splunk_monitoring_console_assets.conf

And the real kicker is normally in

/opt/splunk/etc/system/local/distsearch.conf

This is where we create all the search groups.

Okie

View solution in original post

Reply
Solved! Jump to solution
Solution

jwelch_splunk
Splunk Employee
Splunk Employee
‎03-22-2017 05:38 AM

The main thing this looks at is all under the splunk_monitoring_console

lookups/assets.csv
local/splunk_monitoring_console_assets.conf

And the real kicker is normally in

/opt/splunk/etc/system/local/distsearch.conf

This is where we create all the search groups.

Okie

Reply
Solved! Jump to solution

Aftend1971
Explorer
‎03-28-2018 01:59 PM

These are generated, right? Not for edit.
lookups/assets.csv
local/splunk_monitoring_console_assets.conf

But how to edit
/opt/splunk/etc/system/local/distsearch.conf
to have in DMC remote peers in 'Configured' state, not in 'New' state?

If you add manualy configuredPeers=peer:8089 to local/splunk_monitoring_console_assets.conf, it will be configured. But I guess that this is not right way.

Reply
Solved! Jump to solution

sgao
Splunk Employee
Splunk Employee
‎04-02-2018 04:10 PM

You will need to click on Apply Change for its state to change from New to Configured.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...