cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
VivekVenudasan
Engager
Member since: ‎01-25-2021
‎01-29-2021
Community Statistics
Posts 3
Solutions 1
Karma Given 0
Karma Received 0
Member Since ‎01-25-2021
View All

Re: Splunk Eventgen | Count of events generated

by in All Apps and Add-ons
‎01-28-2021 08:40 PM
‎01-28-2021 08:40 PM
I have found the reason behind this. My splunk instance is having search heads in a cluster. There are 3 searchheads in the cluster . So when the eventgen & the custom bundle is deployed it got deployed to all 3 search head members. By default they custom bundle app is enabled in all 3 search heads, therefore events were generated from all 3 search heads. Hence those 3 duplicate records!!! It wasnt obvious to me until I changed the host to "localhost" instead of the custom value that I had before (test_host2)!  So to resolve this issue, once the app is deployed into the SH members, i manually logged into the 2 search head servers and disabled the custom app locally in them and left it enabled in only one of them and then did a debug refresh .  Happy days afterwards!!!           ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎01-29-2021 12:05 AM