I am interested in finding out more about how the splunk processes (splunkweb, splunkd, etc) work together to provide the overall splunk service. This includes the various logfiles, and ports. I've looked through the splunk docs site and see quite a bit of information and manuals there but I'm looking for a bit more of a detailed overview than what I see here:
http://www.splunk.com/view/SP-CAAABF9
and here:
http://docs.splunk.com/Documentation/Splunk/latest/installation/Splunksarchitectureandwhatgetsinstalled
Specifically, I'm looking for a deeper dive into ports, inter-communication and what to look for in truss/struss/strace, etc to determine how healthy the environment, and ultimately splunk service, is.
Any help would be greatly appreciated.
... View more