Solved: Why is difficult getting cluster to work?

domino30 · ‎02-01-2023

Yes indexer clustering. I set up 3 win 10 machines with Splunk Enterprise on them and got them to initially connect to master indexer but then got this error.

on same dns and firewall turned off on all 3 machines.

thanks

shivanshu1593 · ‎02-02-2023

The error message in your screenshot indicates that the machine with the same name is already registered. Did you copy/paste Splunk directory from one to the VMs in question? Please check their GUIDs and see if they are matching. If they are, wipe out Splunk on one of them, reinstall and have it join the cluster again.

Thank you,
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###

View solution in original post

shivanshu1593 · ‎02-02-2023

The error message in your screenshot indicates that the machine with the same name is already registered. Did you copy/paste Splunk directory from one to the VMs in question? Please check their GUIDs and see if they are matching. If they are, wipe out Splunk on one of them, reinstall and have it join the cluster again.

Thank you,
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###

isoutamo · ‎02-02-2023

Hi

if you are using a “golden image” then you should follow these steps, not just copy paste. https://docs.splunk.com/Documentation/Splunk/9.0.3/Admin/IntegratefullSplunkontoasystemimage
Otherwise you will get situation which @shivanshu1593 already describe.

r. Ismo

Why is difficult getting cluster to work?

indexer clustering

Introducing Splunk Enterprise 9.2

Adoption of RUM and APM at Splunk

Routing logs with Splunk OTel Collector for Kubernetes