matthew/DCO-SOGs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
DCO-SOGs/6 SIEMs/Splunk/searchheadclusterSOG.md

1.1 KiB
Raw Permalink Blame History

searchhead 1

./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.73:8089 -replication_port 9000 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster

searchhead 2

./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.74:8089 -replication_port 9100 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster

searchhead 3

./splunk init shcluster-config -auth spadmin:DM55Password!@ -mgmt_uri http://10.2.25.75:8089 -replication_port 9200 -replication_factor 3 -conf_deploy_fetch_url http://10.2.25.77:8089 -secret asdfqwer -shcluster_label searchheadcluster

searchhead cluster captain

./splunk bootstrap shcluster-captain -servers_list "http://10.2.25.73:8089,http://10.2.25.74:8089,http://10.2.25.75:8089" -auth spadmin:DM55Password!@

./splunk restart

checking

./splunk show shcluster-status -auth spadmin:DM55Password!@ ./splunk list shcluster-config -auth spadmin:DM55Password!@