Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it good practice to run an rsync script to take a backup of any new warm buckets created to a new partition?

kkossery
Communicator
‎04-15-2015 08:24 AM

I need to start backing up my Splunk and was looking at backing up any new Warm buckets. I'm planning to do this by running an rsync script to take a backup of any new warm bucket created to a new partition.
Is this a good practice?
I'm interested in knowing what other users are doing to backup their Splunk/indexes on Amazon EC2.

Thanks

Tags (4)
0 Karma
Reply

kkossery
Communicator
‎05-08-2015 06:37 AM

I've installed s3sync on the Splunk box which would sync buckets (hot/warm/cold) to the S3 storage.

0 Karma
Reply

Arkon
Explorer
‎05-11-2016 12:43 PM

watchout for your S3 policy in case it automatically removes files after some time

0 Karma
Reply

Yasaswy
Contributor
‎04-15-2015 08:35 AM

hi kkossery, In general I would believe this to be "not" a good practice. Mostly because it does not scale well and very config and env dependent. I would go with clustering to solve any of the availability requirements.

0 Karma
Reply

kkossery
Communicator
‎04-15-2015 06:13 PM

Thanks! I will wait on what others have to say on this.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...