Hi there! We have an environment of a single search head with 14 peers, and it seems like our distributedsearches take much longer than they should. A given search takes around ~15-20 seconds to c...
In my environment, I have two indexers for one Search head.
I think that these commands like "search", "dedup", "transaction" are processed by indexer in distributedsearch.
But are these c...
...e've well seen the recommandation here, and especially : "When you set up the monitoring console in distributed mode, it creates one search group for each server role, identified cluster, or custom g...
Hello,
Architecture:
I have a distributed Seach (not in Cluster)
1 Search head and 1 Indexer.
Every logs are stored on the indexer and with the search head user can search ....
P...
Is it possible to have indexer A distribute to indexer B and have B distribute to A?
What are the settings for it. Just trying to set it up via the GUI, it all seems OK, but B cannot see any e...
Hello.
I'm running on RHEL 7 with 6.6.3 and an Indexer cluster (3 peers), and have 2 Search Heads not in a SHC but connected induvidually to the index cluster.
I try to use KV store with a c...
I;ve setup a search head with a custom app I've created. The search head appears to work. That is, it answers the queries and produces the charts and graphs remotely. However I get the following e...
Greetings, I am just trying to find out if there is any sort of security/encryption between the Indexer and Search head when using a distributedsearch? Or is data transferred in an unencrypted way b...
Hi,
There are 2 splunk servers( A and B) that have differente data and indexes. I have setup distributedsearch from A to B and B to A.
searches done from A to B: everything is working as e...
...his message on the top of my browser:
Unable to distribute to peer named xxx at uri https://xxxx:8089 because peer has status = "Duplicate License".
When I look at Manager->Distributedsearch-&g...