Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to create index using REST API in a index clustered environment?

Decoder79
Engager
‎05-10-2022 05:47 PM

HI All,

I have a question, How to create index using REST API in a index clustered environment?

Version : Splunk Enterprise 8.x

 

Labels (2)
Tags (1)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎05-10-2022 11:31 PM

Hi

based on documentation this post is still valid: https://community.splunk.com/t5/Getting-Data-In/How-to-create-index-using-REST-API-in-a-clustered-en...

You can create index on single peer, but not on cluster via rest.

You can add idea for this to ideas.splunk.com and hope that this will get enough votes to be a consider new feature.

r. Ismo

r. Ismo

Reply

PickleRick
SplunkTrust
SplunkTrust
‎05-11-2022 12:42 AM

Due to the way the cluster works I'd suppose it's not that easy and not really feasible to implement.

Since cluster configuration is maintained by confiugration bundles pushed from the master node, the REST would have to be implemented against master. And it would have to involve all that is "included" in preparing the bundle, verifying it, pushing and so on... Way too much fuss IMHO.

Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...