Splunk® Enterprise

Managing Indexers and Clusters of Indexers

Splunk Enterprise version 8.1 will no longer be supported as of April 19, 2023. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk® Enterprise. For documentation on the most recent version, go to the latest release.

Configure and manage the indexer cluster with the CLI

You can use the CLI to perform a wide set of indexer cluster activities, including:

Some clustering commands are available only for a specific node type, such as the manager node.

This topic discusses issues that are common to all node types.

Configure cluster nodes

You can use the CLI to enable any of the cluster node types or to change their configurations later:

For details on specific command-line options, read "Configure the indexer cluster with server.conf".

For multisite cluster configurations, also read "Configure multisite indexer clusters with the CLI".

Specify a security key

You specify a security key for the cluster by appending the -secret flag when you enable each cluster node. For example, you specify it when configuring a peer node: 

splunk edit cluster-config -mode peer -master_uri https://10.160.31.200:8089 -replication_port 9887 -secret your_key

The security key authenticates communication between the manager node and the peers and search heads. The key is required and must be the same across all cluster nodes.

The -secret flag modifies the pass4SymmKey setting in the [clustering] stanza of server.conf.

View cluster information

There are a number of splunk list commands that return different types of cluster information. For example, to get detailed information on each peer in the cluster, run this command on the manager node: 

splunk list cluster-peers

To get information on the cluster configuration, run this command from any node: 

splunk list cluster-config

See the CLI clustering help for the full set of splunk list commands.

Manage the cluster

You can also use the CLI to perform a number of different actions on the cluster. Those actions are described in their own topics:

Get help on the CLI commands

The CLI provides online help for its commands. For general help on the full set of clustering commands, go to $SPLUNKHOME/bin and type: 

splunk help cluster

For help on specific commands, specify the command name. For example: 

splunk help list cluster-config

For general information on the CLI, read the "Administer Splunk Enterprise with the command line interface (CLI)" chapter in the Admin Manual, or type: 

splunk help
Last modified on 20 April, 2021
Configure the indexer cluster with server.conf   Manager node configuration overview

This documentation applies to the following versions of Splunk® Enterprise: 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.1.9, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters