We are currently evaluating Splunk's cloud offering and the topic of concurrent searches has come up. This is a bit of a concern for our team as one of the things we'd like to leverage Splunkfor...
We have a server where we have universal forwarder, and I am planningto install a splunkenterprise version so that i can use it as a deployment server. Can I do this? If so what are the things I h...
I need details about what to check before I upgrade so I know if my deployment is ready to upgrade. What do I monitor, and how do I benchmark system health before the upgrade?
Hello,
I've been using Splunkfor less than a year and I'm looking for real-world insight on how to size and grow a Splunk deployment. I've read the SplunkCapacityPlanning manual and the a...
...ecommendations summary forcapacityplanning in the past to help with sizing forSplunkEnterprise without ES however does it also apply to ES?
docs.splunk.com/Documentation/Splunk/7.2.1/Capacity/Summaryofperformancerecommendations
Hi,
We currently use Enterprise Security, with a single search-head. We'd like to move to using SHC (took a hit recently), but have been advised against it (waiting on more details for why). D...
...Indexing Performance is 250KB/S approximately 20GB per day. According to the CapacityPlanning Documents, this system should easily handle 250 GB per day. The files are JSON files.
Memory U...
...etup? I am new toSplunk so just want to make sure we are doing best practice.
Our current setup we have Enterprise Security and Core Splunk both on the search heads.
They all 24 GB of RAM and 6cpu a...
We are deploying Enterprise Security for various clients on AWS, and are in the planning phase. I am attempting to create reference documentation that would contain the minimum instance type and n...