Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
141 results
Sorted by:
02-09-2016
11:55 AM
I have this in server.conf on my search heads:
[general]
pass4SymmKey = $$$$$$$$$$$$$$$$$
serverName = xxx-xxxxxxxx
site = site1
[clustering]
master_uri = https://xx.xx.xx.xx:8089
mode = search...
2 weeks ago
When I used to manually created indexes on prem, I would create a record in index.conf for Indexers and a separate one in indexes.conf for Search heads. The documentation calls it a "Search Head V...
Labels
12-28-2017
07:14 AM
Hello.
I'm running on RHEL 7 with 6.6.3 and an Indexer cluster (3 peers), and have 2 Search Heads not in a SHC but connected induvidually to the index cluster.
I try to use KV store with a c...
08-02-2020
11:44 PM
...m. Another config file, ~/etc/system/local/server.conf, is similar, with serverName, and the hashed pass4SymmKey and sslPassword being different. This is also using the .pem file as serverCert....
Labels
- Labels:
-
indexer
-
Linux
-
search head
-
splunkd
08-08-2017
11:57 AM
I'm working with data that is being sent from a universal forwarder (UF) on the server. I do an INDEXED_EXTRACTION in the props.conf on the universal forwarder. When I search for the data on the search...
08-08-2016
12:54 PM
I'm trying to add another search head to my search head cluster. I'm receiving the following error when I try and bootstrap it.
[labsplunk-sh:/opt/sh2a/bin]$ ./splunk bootstrap shcluster-c...
11-15-2014
03:57 AM
1 Karma
Hi guys,
I have an issue with my Search Head cluster, the replication seems to not be working:
192.128.192.131 is the SearchHead1
192.128.192.136 is the Searchhead2
11-15-2014 12:42:3...
01-10-2017
12:24 AM
Hi Experts,
I got a situation. I have 3 search heads, 2 Indexers . I want to use one of the SH as a forwarder. So the idea is the 3rd SH reads data from TCP:3315 and sensd to both Indexers using a...
05-20-2015
01:37 PM
So I have a device which sends it logs in CEF format via syslog. This is not an ArcSight connector. I have configured this device to send these logs to a syslog server which in turn writes them t...
09-14-2011
04:23 PM
2 Karma
...ontents of $SPLUNK_HOME/etc/apps and $SPLUNK_HOME/etc/users to the NFS mount and then configure splunk via server.conf to look at the NFS dirs. Does the $SPLUNK_HOME/etc/system work differently?
