Set Up Splunk Multi-Instance Monitoring Console (Part-I)
Today we will give you a complete overview of setting up a monitoring console, in case of a multi-instance environment.
Before starting this let’s talk about our environment, which we will use to demonstrate.
We have one indexer cluster master, four indexers linked with the master, and one search head.
To set up the monitoring console let’s do the following steps.
Select a host which will host the monitoring console in your environment.
In this case, you can choose a server that must meet a search head requirement. Like you can choose license master, deployment server, master node, or any dedicated search head as a monitoring console.
[We will select our master node as monitoring console]
In case you’re setting up for an indexer cluster or search head cluster then you must need to set up a cluster label.
In case of indexer cluster:
Go to the CLI of your master node.
And run this following command
splunk edit cluster-config -cluster_label <CLUSTER LABEL>
You can mention any level you want.
Add search peers:
1. Log in to the instance which you want to set up as a monitoring console (in our case it will be the master node)
2. Go to Setting and Distributed Search. And click on Search Peer.
3. Click on new search peer and add all search head, license master, non-clustered indexers and clustered search head.
Repeat this process a number of times based on the number of instances you want to add.
We don’t need to add a master node here because we are doing all of this stuff into master nodes only. So it will automatically add.
4. Now go to the setting > monitoring console > setting > general setup
Click on distributed and continue.
Come down and check the status of all remote instances.
Check server roles are showing correct roles for that particular instance or not, if not then click on action > edit and edit server roles
And click on apply changes.
Now go to the overview page of your newly set up monitoring console.