Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About realsplunk
realsplunk
Motivator
Member since:
05-26-2016
yesterday
Community Statistics
| Posts | 363 |
| Solutions | 15 |
| Karma Given | 463 |
| Karma Received | 27 |
| Member Since | 05-26-2016 |
Activity Feed
- Karma Re: What is the time allowed between training and certification? for richgalloway. yesterday
- Karma Re: What is the time allowed between training and certification? for cert-team-admin. yesterday
- Posted What is the time allowed between training and certification? on Training + Certification. Friday
- Karma Splunk app Windows Infrastructure - kvstore disk saturations for mabonjean. 3 weeks ago
- Karma Splunk App for Windows Infrastructure Searches Causing Searches Delayed Error for msevcik. 3 weeks ago
- Karma Re: What are the steps to install Monitoring Console on the License Master instance? for woodcock. a month ago
- Karma Re: How/where should we set up Dynatrace App / add on for Splunk in cluster environment? for Gr0und_Z3r0. a month ago
- Karma Re: Can I use props/transform to make MULTIPLE changes to the same event from a log? for micahkemp. 04-13-2022 07:48 AM
- Karma Re: Search Factor and Replication factory not met. Frozen=1 for jfaldmomacu. 04-11-2022 10:39 AM
- Karma Re: Frozen Buckets with Error: Cannot replicate as bucket hasn't rolled yet. for isoutamo. 04-11-2022 10:39 AM
- Karma Re: Handle lost buckets for harsmarvania57. 04-11-2022 05:58 AM
- Karma Re: Why is cluster master reporting "Cannot fix search count as the bucket hasn't rolled yet.", preventing me from meeting my Search Factor? for rbal_splunk. 04-08-2022 03:28 AM
- Posted Re: How to roll all hot buckets from hot to warm? on Deployment Architecture. 03-31-2022 08:24 AM
- Karma Re: How to get the total size of data in a distributed Splunk deployment ignoring replication for codebuilder. 03-31-2022 08:24 AM
- Posted How/where should we set up Dynatrace App / add on for Splunk in cluster environment? on All Apps and Add-ons. 03-31-2022 03:42 AM
- Karma Re: Roll buckets that are in "Cannot fix search count as the bucket hasn't rolled yet" state for codebuilder. 03-29-2022 12:49 AM
- Karma Re: Does data indexed and forwarded from a heavy forwarder count against the Splunk data license? for kristian_kolb. 03-27-2022 05:43 AM
- Karma Re: How to send the same data to multiple Splunk Enterprise platforms for gcusello. 03-25-2022 02:05 PM
- Karma Re: how to forward same data to two different indexers, with the following data flow, universal forwarder to heavyforwarder to indexers for FrankVl. 03-25-2022 01:45 PM
- Posted Re: What are some best practices for deploying new Splunk cluster step-by-step? on Deployment Architecture. 03-23-2022 03:46 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
Friday
Hello guys,
I'd like to know how much time you can wait between the last required training and the corresponding certification exam (ex : Splunk Deployment Practical Lab and Splunk Enterprise Certified Architect), for instance if you want to review all courses before trying to pass it?
Also is passing score 70%?
Thanks.
... View more
03-31-2022
08:24 AM
for backup purpose?
... View more
03-31-2022
03:42 AM
Hello guys,
how/where should we setup Dynatrace app / add on on cluster? App + addon on SHC?
On production we have HF available however not in test environment.
https://splunkbase.splunk.com/app/4040/
https://splunkbase.splunk.com/app/3969/
Thanks for your help!
... View more
Labels
03-23-2022
03:46 PM
If you need to open 514 port?
... View more
03-23-2022
09:14 AM
Hello guys,
I would like to have best practices regarding deploying new Splunk cluster V8, could you say if correct and in logical order?
1. Install Splunk on all nodes with non-root user (except if you want HF), verify ulimits
2. Configure one server "manager" with monitoring console, license master, deployer & deployment server roles
3. Configure Master Node (cluster master) on separate server
4. Configure peers, connect them to the MN
5. Configure search heads, connect them to the MN
6. Configure Universal forwarders
Thanks.
... View more
03-14-2022
04:00 AM
Defect SPL-128340 with the description "Change server/info protection to true by default" is solved, Tested on V8.2.2
... View more
03-09-2022
09:00 AM
Don't forget to do SHC rolling restart, you can also put in default.meta
... View more
02-18-2022
05:31 AM
Thanks, so looks current situation is fine then if I understood.
... View more
02-18-2022
05:30 AM
so that's the risk 😉
... View more
02-18-2022
04:45 AM
Is it possible however this team adds then can_delete or delete_by_keyword capability and may be able to delete data on clustered indexers? Thanks.
... View more
02-18-2022
03:19 AM
Yes this looks good solution, thanks.
... View more
02-18-2022
02:32 AM
Hello,
we have 3 SHC, could it be possible to add 1 SH dedicated to a special team and give admin rights only to this last one?
Thanks.
... View more
Labels
- Labels:
-
search head clustering
02-17-2022
03:30 PM
Hello,
If we currently have 2 local clustered indexers on 2 local sites and 1 remote same country (mainly in case of disaster),
3 shc : 2 load balanced for the 2 local sites and 1 in remote (not accessible from users)
RF=3 SF=3
Manager node is on 1st site.
Would it be interesting to use multisite clustering and to configure it with origin/total settings with same data safety?
Thanks.
... View more
Labels
01-05-2022
10:21 AM
I don't think splunk createssl web-cert 3072 is necessary, splunk would regenerate them when restarting
... View more
12-17-2021
04:57 AM
Support : it has been created to recover pass4SymmKeys
... View more
12-15-2021
08:53 AM
Hello, splunk show-decrypted does not seem to work on UF, is there another solution to recover forgot admin password? Thanks.
... View more
Labels
- Labels:
-
CLI
-
other
-
splunkd
-
universal forwarder
12-03-2021
02:56 AM
Hello guys, rb_ are replicated buckets of db_ - impacted by replication factor. However how to identify search factor footprint (specific index or bucket name?) on indexers? Thanks.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
yesterday
|
Karma given to
