matthew/DCO-SOGs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upload files to "6 SIEMs/Splunk"

Browse Source
This commit is contained in:
Matthew Iverson
2024-10-27 00:07:06 -04:00
parent e762946b82
commit 8e0d4ca472
9 changed files with 1336 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
6 SIEMs/Splunk/searchheadclusterSOG.md Normal file
View File

@ -0,0 +1,23 @@
# searchhead 1
./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.73:8089 -replication_port 9000 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster
# searchhead 2
./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.74:8089 -replication_port 9100 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster
# searchhead 3
./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.75:8089 -replication_port 9200 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster
# searchhead cluster captain
./splunk bootstrap shcluster-captain -servers_list "http://10.2.25.73:8089,http://10.2.25.74:8089,http://10.2.25.75:8089" -auth spadmin:DM55Password!@
./splunk restart
# checking
./splunk show shcluster-status -auth spadmin:DM55Password!@
./splunk list shcluster-config -auth spadmin:DM55Password!@