Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

One client Server needs access to two separate Deployment Servers - Is it possible?

MasterOogway
Communicator
‎06-19-2012 11:07 AM

I have multiple Splunk environments, A & B, and a client that needs to send App data to A and syslog to B. But I want/need to have two Deployment Servers managing each environments data separately. Is it possible to have a separate Deployment server configured to manage the App logs, while the second Deployment Server manages the Syslog & HW logs?

There are specific rules based around a FireWall keeping me from managing the Syslog from outside the Client installation location. But outside the Firewall is where I would like to manage the App logs. Thus the question, can a single Client server leverage two separate Deployment servers to manage the data?

I currently have one Deployment Server in place, but would like to manage two for consistency.
Thoughts?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎06-20-2012 06:21 AM

I am afraid, that this is not possible.
the deployment-client can have only 1 deployment-server at a time.
And you change from one to another, the new one will redeploy all his applications, keeping the existing, and replacing the ones with the same app name.

A possible workaround is to cascade the deployment servers, ( A deploy to B, that deploy to clients. To do that, play with targetRepositoryLocation and RepositoryLocation. ). But it means that all the serverclass.conf and apps will be identical on each deployment-server.

Finally the best solution is probably to install 2 forwarders on the server, and have each of them controlled by a different deployment-server (with specific inputs and outputs).

View solution in original post

Reply
Solved! Jump to solution

MasterOogway
Communicator
‎06-20-2012 07:25 AM

Yeah....that is what I thought, but wanted to get confirmation from another source.
Without making a "one-off" solution of a dual installation, I will have to suffer with managing this set of hosts
from an alternate DeploymentServer than that of the other Windows/UNIX servers.

0 Karma
Reply
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎06-20-2012 06:21 AM

I am afraid, that this is not possible.
the deployment-client can have only 1 deployment-server at a time.
And you change from one to another, the new one will redeploy all his applications, keeping the existing, and replacing the ones with the same app name.

A possible workaround is to cascade the deployment servers, ( A deploy to B, that deploy to clients. To do that, play with targetRepositoryLocation and RepositoryLocation. ). But it means that all the serverclass.conf and apps will be identical on each deployment-server.

Finally the best solution is probably to install 2 forwarders on the server, and have each of them controlled by a different deployment-server (with specific inputs and outputs).

Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...