Hello guys,
I would like to have best practices regarding deploying new Splunk cluster V8, could you say if correct and in logical order?
1. Install Splunk on all nodes with non-root user (except if you want HF), verify ulimits
2. Configure one server "manager" with monitoring console, license master, deployer & deployment server roles
3. Configure Master Node (cluster master) on separate server
4. Configure peers, connect them to the MN
5. Configure search heads, connect them to the MN
6. Configure Universal forwarders
Thanks.
... View more