Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,000 results
Sorted by:
07-17-2017
07:26 PM
In my environment, I have two indexers for one Search head.
I think that these commands like "search", "dedup", "transaction" are processed by indexer in distributed search.
But are these c...
12-28-2017
07:14 AM
Hello.
I'm running on RHEL 7 with 6.6.3 and an Indexer cluster (3 peers), and have 2 Search Heads not in a SHC but connected induvidually to the index cluster.
I try to use KV store with a c...
04-17-2013
07:59 AM
Hi,
There are 2 splunk servers( A and B) that have differente data and indexes. I have setup distributed search from A to B and B to A.
searches done from A to B: everything is working as e...
- Tags:
- distributed
12-19-2011
03:51 AM
Folks,
I have a Splunk 4.2.4 search-head and indexer on another machine in a distributed setup.
I'm getting an error in my splunkd.log about my knowledge bundle timing out replicating from search...
- Tags:
- search-head
07-31-2016
01:13 PM
Hello Splunkers!
I am currently setting up a distributed Splunk system in our company.
It consists of: 2 Indexers and a Cluster Master Node, a standalone Search Head and a standalone Deployer/L...
Show results in replies (4)
-
To be as concise as possible, the speed gain in your example stems from distributed search, not f...
-
...f each bucket, and only the primary is searched. Historically, Splunk had distributed search b...
-
...ubtotals in a parallel, distributed manner. You request each indexer calculate sum(session_count) a...
-
...aster node does not participate in the actual searching of data, all it does is tell the search h...
03-18-2016
08:00 AM
Hello. I'm a new Splunk user, and I'm quite uncertain about how to index some distributed data. I have one SH and multiple Indexers located around the globe. Each of these Indexers has a local log f...
04-08-2018
05:53 AM
...ontext: admin -> admin
04-08-2018 12:49:09.165 INFO UserManager - Unwound user context: admin -> admin
04-08-2018 12:49:09.165 INFO DistributedSearchResultCollectionManager - Stream search: l...
12-05-2018
05:01 AM
1 Karma
We have a distributed environment with a search head cluster, 2 indexers (not clustered), deployment server and multiple HF.
We decided to install the Splunk TA eStreamer eNcore add-on on one of t...
01-19-2016
04:09 AM
I have a 3 node search head cluster that backs on to a single indexer (its a test environment). All servers are 6.3.2. For one particular sourcetype, the search time xml field extractions do not f...
07-22-2016
03:20 AM
Hello,
About the next subject, someone has any opinion:
Splunk GUI > Manager » Distributed search » Search peers
What is the role of "Auto-discovered" and what does mean value of "0" v...
