Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

For a Splunk Enterprise non-clustered, distributed environment, can someone point me to documentation that covers server role assignment?

KevinMurray
Explorer
‎09-26-2018 04:14 AM

I have inherited a Splunk non-clustered, distributed Enterprise environment. I believe that my Splunk instances have too many server roles assigned to them.

Is there documentation stating:

  1. What role(s) should a Heavy Forwarder have?
  2. What role(s) should a Search Head have? (Search Head role only, or KV store as well?)
  3. What role(s) should an Indexer have? (Indexer role only, or KV store as well?)
  4. What role(s) should a Deployment Server have?
  5. What role(s) should the DMC Server have? Right now, the 4 server roles, Indexer, KV Store, License Master, and Search Head are assigned to my DMC. It is the License Master for my infrastructure so I know that role is required.

I am having a hard time finding documentation online that explicitly states how the server role assignment should be.

Thanks in advance.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...