Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Design question

naomibn
Explorer
‎07-26-2018 11:45 PM

Hello everyone,

I have a requirement where I have three servers in PROD and three in DR. UF agents are installed on all these servers.

All the logs to be monitored will be stored in a NFS. The scenario is like

UF01,UF02,UF03 (PROD) ----- >> monitoring same files in NFS
UF04,UF05,UF06 (DR) ----- >> monitoring same files in NFS

At one point of time there should be only one UF monitoring all these files. If UF01 goes down, either UF02 or UF03 should monitor the NFS.

Is there some kind of a watch mechanism available anywhere.

Thanks,
Nao

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...