- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello everyone.
Currently I have a cluster architecture of Splunk Enterprise 8.0.7.
- SH cluster + Indexer Cluster + Master Node + Deployer, all of them in Windows.
Now I have to deploy Splunk Security over that architecture.
Is that possible?
Thanks in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your answer @richgalloway
So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?
Thanks in advance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your answer @richgalloway
So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?
Thanks in advance
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, you can run ES on a standalone Windows SH connected to an indexer cluster, although I think you'll be happier running ES on Linux.
If this reply helps you, Karma would be appreciated.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for the useful help @richgalloway
Yes, I know in linux works much better, but for now that's what I have...
Thanks again.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Windows SHCs are not supported. See https://docs.splunk.com/Documentation/ES/6.4.0/Install/InstallEnterpriseSecuritySHC#Prerequisites_fo...
If this reply helps you, Karma would be appreciated.
