...specially in a highly distributed environment. See ScaleyourdeploymentwithSplunkEnterprisecomponents.
Are there any best practices for how to create such a local configuration file?
Hi. Could someone explain to me the difference between Distributed and Clustered environment in relation to Splunk? I keep thinking it's the same.
Thanks in advance!
Does anyone have any good resources about indexes and index management?
Before I set up a bunch of indexes, I'd like to know more about the how indexes impact my deployment.
Hi,
I am looking for a documentation which describes the necessary steps in case of a disaster recovery (the host where SplunkEnterprise is installed crashes at some point) when I have only one Splunk...
I cannot figure out which component to enable HEC and where to send the events. We have an on prem SplunkEnterprise distributed configuration with a Deployment server, Indexer and SearchHead. We a...
...hree server cluster and a master node. two searchheads (one for the technical part and one for enterprise security) and a deployment server to forward apps to all the connected clients in all locations....
I'm planning an upgrade to the latest version of SplunkEnterprise. What is the high-level order of operations? Is there an intermediate step required if I'm on Splunk 6.5 or earlier? Where do f...
