Chapter 5: Advanced Indexing

In the previous chapter, we focused on a review of how Splunk security works, and then pointed out the security enhancements in Splunk version 8.0. We also touched briefly on authentication and authentication tokens.

In this chapter, the discussion concentrates on developing an understanding of how Splunk index clustering works and the way it supports High Availability (HA) as well as Disaster Recovery (DR) in Splunk instances and indexed data.

This chapter will be broken down into the following main sections:

  • Splunk deployment basics
  • Understanding index clustering and replication
  • Disaster recovery sites
  • Special multi-site configurations – the site replication factor

Splunk deployment basics

In Chapter 1, Overview ...

Get Mastering Splunk 8 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.