Currently working on deploying Splunk on AWS to work in conjunction with our current on-prem solution and I have 2 questions. Can I configure our AWS Searchheads to function as normal SearchHead...
I am trying to build some modular documentation as a Splunk app on a site with a indexer- and searchheadcluster. Some of the reasoning behind this is that I spend quite some time r...
I am getting the error "Error pulling configurations from thesearchheadcluster captain; consider performing a destructive configuration resync on this searchheadcluster member"
I tried to r...
Is there a way of limiting thesearch load on a index cluster using configuration in the index cluster? E.g. setting a max limit for how many concurrent searches that is allowed to run simultaneous....
I have 3 searchheads in a cluster and I need to configure email settings. I don't see server settings in the settings drop down on any of thesearchheads, only on the deployer. When I configure i...
...onnectivity to thesearch peer, that thesearch peer is up, and that an adequate level of system resources are available. ^ Even though the peer is Up according to theCluster Master C...
...iewSHCstatus to get thesearchheadcluster information like all members and captain, but it's not so convenient for Chef to configure.
Does Splunk store the related information into some configuration file?
Hello,
Data in CyberArk comes through the Syslog Server and CyberArk TA needs to be installed into Searchhead (or searchheadcluster) based on the SPLUNK web site (https://docs.splunk.com/D...
...heads that reside in their own clusters?
So the goal is; given clusters in each datacenter, can I search all data (from all datacenters) in one searchhead?
Visio image #1
Visio Image #2