Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What does Splunk log "rollout" refer to?

nagarjuna280
Communicator
‎12-12-2016 01:35 AM

I heard the word "rollout" regarding /opt/splunk/var/log/splunk files

Tags (1)
0 Karma
Reply

somesoni2
Revered Legend
‎12-12-2016 06:24 AM

The rotation of Splunk internal logs files, available in $SPLUNK_HOME/var/log/splunk folder, is managed by log.cfg file. The by default they roll to a new file when the log file size reaches 25MB (specified in bytes) and 5 backup/rolledover files are retained. See below links for more details:

https://docs.splunk.com/Documentation/Splunk/6.5.0/Troubleshooting/WhatSplunklogsaboutitself
https://docs.splunk.com/Documentation/Splunk/6.5.1/Troubleshooting/Enabledebuglogging#In_log.cfg

0 Karma
Reply

ddrillic
Ultra Champion
‎12-12-2016 05:51 AM

What do you really mean?

Reply
Get Updates on the Splunk Community!

What's New in Splunk Observability - October 2025

What’s New?  We’re excited to announce the latest enhancements to Splunk Observability Cloud and share what’s ...

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

🗣 You Spoke, We Listened Audit Trail v2 wasn’t written in isolation—it was shaped by your voices. In ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

 Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...