I'm tasked with moving the $SPLUNK_HOME/etc/system/local/ conf files within our peernodes to their own Splunk apps for easier management using the deployment-server/cluster master method. S...
I have a cluster with a search head, master node, 2 indexers, and a deployment server. I am able to get the cluster to see new clients and push down updated .conf files, but I am having trouble h...
Hi Team,
I am having a cluster setup with the following architecture.
1) One Splunk Manager.
2) One Search Head
3) Two Peernodes (i.e Two Indexers)
4) Total 50 Linux and Windows F...
In our on-prem splunk cluster attempting to follow these steps in "Enable the peernodes":
Enable the peer To enable an indexer as a peernode: 1. Click Settings in the upper right corner of S...
...ring up search head ec2 instance
Before u spin up search head instance I would like
To update the configuration file on search head ec2
Instance to point to master node instance that just
Came u...
...his implementation does currently have nodes in two different domains, and the domain to go away happens to house both our Cluster Manager and four indexers in a two-site configuration running Splunk E...
Hey all,
My setup consist of 1 search head, master, 4 peernodes. I'm using a heavy forwarder to get data in. I've created a new index on the master and distributed it to the peernodes.. My q...
Hi,
Can someone help me understand the difference between pass4symmkey and SSL settings for secure Splunk connections in a distributed environment?
What should we use for indexing? Cluster peer...
...owards the master node, or does it point to my 2 peernodes?
Do I have to go to each Splunk server, navigate to "Settings > Indexes", and create my "messages" index on each one?
Thanks!