Scribd Logo
Upload

Welcome to Scribd!

  • Module3 - LIcense Management

    Uploaded by

    Srini V
    4 views4 pages
    1) License management in Splunk allows you to change license groups, add licenses, check for violations, view stacks, edit pools, and designate license rolls. 2) There are three main types of Splunk licenses: enterprise licenses, trial licenses, and free licenses. Enterprise licenses provide full functionality while trial licenses expire after 60 days and free licenses have data volume and functionality limitations. 3) Licenses are managed through a master-slave relationship between license servers, with slaves reporting usage to the master every minute. If a slave loses contact with the master for 72 hours, searching will be blocked on that slave.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    1) License management in Splunk allows you to change license groups, add licenses, check for violations, view stacks, edit pools, and designate license rolls. 2) There are three main types of Splunk licenses: enterprise licenses, trial licenses, and free licenses. Enterprise licenses provide full functionality while trial licenses expire after 60 days and free licenses have data volume and functionality limitations. 3) Licenses are managed through a master-slave relationship between license servers, with slaves reporting usage to the master every minute. If a slave loses contact with the master for 72 hours, searching will be blocked on that slave.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    4 views4 pages

    Module3 - LIcense Management

    Uploaded by

    Srini V
    1) License management in Splunk allows you to change license groups, add licenses, check for violations, view stacks, edit pools, and designate license rolls. 2) There are three main types of Splunk licenses: enterprise licenses, trial licenses, and free licenses. Enterprise licenses provide full functionality while trial licenses expire after 60 days and free licenses have data volume and functionality limitations. 3) Licenses are managed through a master-slave relationship between license servers, with slaves reporting usage to the master every minute. If a slave loses contact with the master for 72 hours, searching will be blocked on that slave.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    Module3

    License Management

    Managing License

    Select Settings > Licensing

    1) Change License group


    2) Add License
    3) Check license violations if any and
    alerts
    4) View stack
    5) Edit and Add pools
    6) Designate License roll

    Types of splunk licenses?

    1. Enterprise License - Standard splunk license


    Allows you to use all splunk Enterprise features as below:
    Authentication
    Deployed Management
    Scheduling of Alerts
    Role-based Access controls

    Enterprise Trial License:


    500 MB/day upon initial registry
    Expires 60 days after start of using splunk
    After expiration, must switch to Free License

    2.Free License
    Includes 500 MB/day of indexing volume, is free, and has no expiration date
    Cannot Add more roles or create user accounts
    Searches are run against all public indexes, “index=*’ and restrictions on search such as user
    quotas, maximum per-search time ranges, search filters are not supported
    The capability system is disabled,, all capabilities are enabled for users accessing

    3.Forwarder License.
    License allows forwarding (but not indexing) of
    unlimited data
    Forwarder licenses are included with splunk enterprise license
    How to configure splunk license? |How to install splunklicense ?

    License Server Type:


    You can install splunk license on any server which ac as License server (as licensing is based
    upon volume of logs indexed by indexer).Splunk licensing installation have two components
    as below:
    1. Licensing master - controls one or more license slaves. From the license master, you can
    define stacks, pools, add licensing capacity, and manage license slaves.
    2. Licensing Slave - A license slave is a Splunk indexer which is a member of one or more
    license pools. The access a license slave has to license volume is controlled by its license
    master.

    How to add/install splunk license?

    1. Navigate to Settings > Licensing


    2. Click “Add license”

    3. select licensing file provided by splunk and click on install to install the license

    Licensing master and slave connection:


    When you configure a license master instance and add license slaves to it, the license slaves
    communicate their usage to the license master every minute
    If the license master is down or unreachable for any reason, the license slave starts a 72-
    hour timer ,If the license slave cannot reach the license master for 72 hours, search is
    blocked on the license slave (although indexing continues).Users will not be able to search
    data in the indexes on the license
    slave until that slave can reach the master again

    How to add/configure licensing slave?

    1. On the indexer (or search head) you want to configure


    as a license slave, log into splunk> Web and navigate to
    Settings > Licensing
    2. Click “Change to slave”

    3. Switch the radio button from Designate this splunk> instance, <this
    indexer/searchhead>, as the master license server to Designate a
    different Splunk instance as the master license server
    4. Specify the license master to which this license slave should report

    What is licensing pool?


    A group of Splunk indexers configured to share a designated quantity of licensing volume. A
    pool of indexers is managed by a license master instance. The allocated quantity of licensing
    volume itself is also sometimes referred to as the pool.

    How to create a licensing pool?

    1. Goto settings>>licensing>> Create new license pool


    2. Specify a name and optionally, a description for the pool
    3. Set the allocation for this pool
    4. Specify how indexers are to access this pool. The options
    are:
    • Any indexer in your environment that is configured as license slave can connect to this
    license pool and use the license allocation within it
    • Only indexers that you specify can connect to this pool and use the license allocation
    within

    Once installation and configuration is complete managing license is easy by using splunk
    license managing app ( Settings > License).splunklicense usage app provides a new
    dashboard which has several widgets that query to help you determine your Splunk license
    usage total over the past 24 hours as well as usage by host, source, and sourcetype. It
    contains timecharts to help you understand usage over time and see usage spikes as well as
    pie charts to help you to figure out which log files, sourcetypes, and hosts.

    More
    details:https://conf.splunk.com/session/2014/conf2014_NeenaBhutiani_Function1_Using_Track.pdf

    You might also like