Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
2,000 results
Sorted by:
07-17-2017
07:26 PM
In my environment, I have two indexers for one Search head.
I think that these commands like "search", "dedup", "transaction" are processed by indexer in distributed search.
But are these c...
08-23-2021
10:18 AM
I have a simple TA that makes a request to a REST endpoint and writes the data to the index (no UI associated with this, only indexing). Im exploring a distributed Splunk environment (with a f...
Labels
- Labels:
-
configuration
-
installation
12-28-2017
07:14 AM
Hello.
I'm running on RHEL 7 with 6.6.3 and an Indexer cluster (3 peers), and have 2 Search Heads not in a SHC but connected induvidually to the index cluster.
I try to use KV store with a c...
04-17-2013
07:59 AM
Hi,
There are 2 splunk servers( A and B) that have differente data and indexes. I have setup distributed search from A to B and B to A.
searches done from A to B: everything is working as e...
- Tags:
- distributed
12-19-2011
03:51 AM
Folks,
I have a Splunk 4.2.4 search-head and indexer on another machine in a distributed setup.
I'm getting an error in my splunkd.log about my knowledge bundle timing out replicating from search...
- Tags:
- search-head
03-18-2016
08:00 AM
Hello. I'm a new Splunk user, and I'm quite uncertain about how to index some distributed data. I have one SH and multiple Indexers located around the globe. Each of these Indexers has a local log f...
07-31-2016
01:13 PM
Hello Splunkers!
I am currently setting up a distributed Splunk system in our company.
It consists of: 2 Indexers and a Cluster Master Node, a standalone Search Head and a standalone Deployer/L...
Show results in replies (4)
-
To be as concise as possible, the speed gain in your example stems from distributed search, not f...
-
...f each bucket, and only the primary is searched. Historically, Splunk had distributed search b...
-
...ubtotals in a parallel, distributed manner. You request each indexer calculate sum(session_count) a...
-
...aster node does not participate in the actual searching of data, all it does is tell the search h...
09-03-2017
05:59 PM
...ut which server's cpu core is occupied by real-time search when configuring distributed search like indexer clustering?
will only cpu core of the search head be occupied? Or, because it is a distributed...
09-14-2020
02:27 PM
...ndexers. On the search head: The full message in splunkd.log is: "Global key files are invalid. This server cannot distribute searches to other servers." In Settings » Distributed search...
Show results in replies (9)
-
@isoutamoThanks for the ideas. I removed the search peers from the sh and restarted the sh. I t...
-
@isoutamoFixed! The problem was a straightforward consequence of the way the vendor software intera...
-
...ave you already try to remove + add search peers again? r. Ismo
-
@isoutamoThanks for your help. With any luck, later today I will have time to test a different vers...
-
@isoutamoHere's an update on this problem. After intensive work with vendor, I have no resolution, ...
-
Then it’s time to create support case to Splunk if you haven’t do it yet.
-
...ew peer when I was in the list of search peers. I had to be the "distributed peers menu" to see t...
-
...ll nodes. The search head was the last to be converted. I apologize if I was unclear. If I remove a...
-
...ersions are the same on all nodes. The search head was the last to be converted. I apologize if I was u...
11-09-2011
08:12 AM
1 Karma
Greetings,
I am in the midst of setting up a distributed search deployment (currently one search head, and one indexer, but we'll be adding 4 more indexers). What is the best method of adding a...
- Tags:
- index
