Splunk Enterprise Security
Highlighted

Splunk Enterprise Distributed Deployment Guide RHEL 7

New Member

Hello,

I have inherited a Splunk Enterprise deployment with a mixed OS (Windows/Linux) environment. We are in the process of converting this to a full linux instance and want to leave the Hybrid instance behind. Could someone provide me a link to a step-by-step configuration process for setting up the following:

  1. A Search Head Cluster (3 search heads)

  2. Indexer Cluster (5 indexers). - NOTE: This is already functioning in the old instance, so I believe I can figure this one out. However, I just want to ensure this is done right.

  3. Deployer/Cluster Master

We already have a Deployment server in place and 4 Heavy forwarders. My biggest concern is setting up the search head cluster since we do not currently have this implemented. Any help will be greatly appreciated.

Thanks
grantk1987

0 Karma
Highlighted

Re: Splunk Enterprise Distributed Deployment Guide RHEL 7

Motivator
0 Karma
Highlighted

Re: Splunk Enterprise Distributed Deployment Guide RHEL 7

SplunkTrust
SplunkTrust
0 Karma
Highlighted

Re: Splunk Enterprise Distributed Deployment Guide RHEL 7

Champion

this is a big task.. maybe, you need to this step by step.. and when you are stuck at a particular step, you can ask that issue, so that we can reply..

0 Karma