Hi Nick,
Thank you. Need a little help, how to adjust the ports i.e. is there any way that before installation only i can change the port numbers. If so could you please guide me on the same.

If you do not want to define specific ports for second splunk instance then use command $SPLUNK_HOME/bin/splunk start --accept-license --auto-portswhile starting splunk first time and it will automatically pick up next available ports from Splunk default ports.

Oh, that's cool - I never knew that!
Thanks Harshil!

Welcome @nickhillscpl

If you are installing on windows, I think the installer prompts you to select the ports as you install.
If you are installing on linux, you are not prompted at all.
What I have done in the past is:
1.)Perform the first install in /opt/splunk then ensure splunk is not running.
2.)Do the second install in /opt/splunkhf also, rpm -i --prefix=/opt/splunkhf splunk_package_name.rpm and ensure splunk is not running.
3.) Edit the ports in server.conf, web.conf for the splunkhf install perhaps 8089-9089, 8000-9000 etc.
4.) Start /opt/splunk
5.) Start /opt/splunkhf and check the console to make sure there are no port clashes.

On linux, doesn't splunk complain about ports in use during first start and then let you choose alternative ports?

On windows you're going to run into issues running these instances as a service I believe.

Alternatively: spin up a few VMs, or check out solutions like docker.

Hi Raj,

Thanks for coming back. I have done this kind of setup using AWS where i have made one server as heavy forwarder and one as indexer. Just wanted to know if the above said scenario is possible or there is some ambiguity in it.