Does Splunk App for Enterprise Security support mu...

rgaleone1 · ‎08-05-2014

Splunk documentation for the Enterprise Security App lists support for single-site cluster architectures. I am planning a large ES installation across multiple geographical locations and wanted to know if the ES app (latest version) was able to support a multi-site cluster architecture.

Source: Splunk Enterprise Security App Installation and Configuration Manual

ekost · ‎08-26-2014

The Enterprise Security app Deployment planning topic on Clustering has been updated to show support for multisite clustering. Please note that a single-site or multi-site cluster architecture can have one search head or search head pool with a running instance of the Splunk App for Enterprise Security. Any other search heads cannot run the Enterprise Security app.

Thanks!

mahamed_splunk · ‎08-08-2014

ES 3.1.0 has been certified to run on multisite clustering. Filed a request to update the docs.

Does Splunk App for Enterprise Security support multi-site cluster architecture?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Network to App: Observability Unlocked [May & June Series]

Join the Conversation