I think this may help: https://docs.splunk.com/Documentation/Splunk/8.2.2/Indexer/Managesinglepeerconfigurations I get what your saying as if you theoretically have 3 Indexer Peers therefore 3 different inputs.conf allowing Splunk SSL receiving. If it is a small deployment I would manage it on a peer by peer basis and locally configure it in its own app context/repository. Or use the same cert and password throughout (probably not what you want) and use the deployment server to deploy it as an app
... View more