Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
169 results
Sorted by:
11-02-2010
05:35 PM
6 Karma
Hello,
I'm looking to set up our search head to send summary index data it generates back to our indexers in a distributed environment.
I found the following question, and I understand the t...
03-16-2022
12:51 AM
In our enterprise, there is already another team which has setup Splunk Search Heads and Indexers in their own AWS account (say A). We are planning to index and store new data in our AWS account (s...
Labels
- Labels:
-
distributed search
10-25-2010
04:55 PM
1 Karma
Say I have two indexers in two different datacenters, and I want to distribute searches across the WAN/VPN/Internet between them. What kind of bandwidth is necessary for optimal search performance? F...
- Tags:
- bandwidth
- distributed
07-17-2017
10:55 AM
1 Karma
...alue combinations and 10's of millions of dups, across a few dozen indexers. The results distribution is likely to be neither sparse nor dense, but long-tail - a few combinations will predominate, w...
02-08-2020
05:45 PM
I have a single indexer and single search head with the indexer attached as a search peer and I created one index called "winevent" on the indexer.
I don't understand why the search head cannot s...
10-28-2010
06:16 PM
1 Karma
Hi all,
My old, primary Splunk indexer/search head is being retired (v4.1.4). In its place is 4 new indexing servers that are carrying the indexing load for me (all running v4.1.5). Each of t...
01-08-2016
06:35 AM
1 Karma
Hi,
In a distributed mode with 1 search head and 4 indexers, when making a search through the search head, 2 of the for 4 indexers are not showing indexed data except internal logs of other S...
03-13-2019
12:03 AM
I have a single instance splunk (splunk A). now I want to do distributed search contain 1 indexer (splunk A)+ 1 search header (splunk B) and use the existing Splunk enterprise (splunk A) as the index...
- Tags:
- splunk-enterprise
03-17-2011
11:46 PM
1 Karma
It looks like indexes on both nodes are updated with the same entries. Does distributed indexing load and index the same data from a source to both indexers?
UPDATE
It turns out that I've c...
- Tags:
- distributed
- index
04-20-2021
02:42 AM
Hi According to the document here, cluster master distributes an app under indexer clustering environment. https://docs.splunk.com/Documentation/Splunk/8.1.3/Indexer/Manageappdeployment I...
Labels
- Labels:
-
indexer clustering
-
search peer
