Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to fix incorrect Instance name after change hostname?

krzysztofz
New Member
‎06-07-2017 06:28 AM

I have problem with change instance name in Splunk.

In conf files serverName variable is change to new hostname and splunk is restarted.

Everything is ok, but in, for ex. "Resource Usage: Instance" in "Instance" drop down list i see old hostname.

I try to find this in all Splunk files (db too) and find it only in \var\lib\splunk\kvstore\mongo\local.0 file.

What can i do to fix this problem?

Tags (1)
0 Karma
Reply

willsy
Communicator
‎09-15-2022 01:58 PM

There will be four places in linux that this could be. These are;

/etc/hostname
/SPLUNK_HOME/etc/system/local/server.conf
/SPLUNK_HOME/etc/system/local/inputs.conf
/SPLUNK_HOME/etc/system/local/deploymentclient.conf

server.conf 
[general]
serverName = whatever

inputs.conf
host = whatever

deploymentclient.conf
[deployment-client]
clientName = whatever

0 Karma
Reply

krzysztofz
New Member
‎06-07-2017 03:11 PM

I already edit this files.

But, i fix this problem in other way...

In Settings > General Setup i edit Instance (Actions > Edit > Edit Server Roles) and for ex. KV Store for a while.

After this in Resource Usage etc. i see correct Instance name and stats display correctly now (before fix not).

0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎06-07-2017 12:38 PM

if you change the hostname, you may want to edit the splunk configurations to update it.

in $SPLUNK_HOME/etc/system/local/inputs.conf
the default stanza used for all inputs
check for host=something setting that may be the old hostname

in $SPLUNK_HOME/etc/system/local/server.conf
there is a hostname setting, used for the server name (for deployment client, or metrics)

Reply

adonio
Ultra Champion
‎06-07-2017 07:46 AM

try in etc/system/local/inputs.conf
change the host = oldName to newName
hope it helps

0 Karma
Reply
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...