I'm new to setting up clusters and I assumed that the splunk instances (deployment, deployer, seach head, cluster master, etc) would naturally forward their own splunk logs ($SPLUNK_HOME/var/log/splunk/*).
Are they and I am missing them? host=cluster-master index=* no results...
Is there an app, best practice, or some documentation regarding this?
I can't find what I am looking for in the monitoring console, which is:
Failed to register with cluster master
reason: failed method=POST
expected_response_code=2xx
actual_response_code=500
status_line="Internal Server Error"
Everything seems to be working fine...
... View more