Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Deployment Architecture
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Deployment Architecture
- :
- how to restore TSIDX
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
how to restore TSIDX
mcdp_matsumoto
New Member
04-16-2020
02:13 AM
I am trying to execute the following command to restore TSIDX.
splunk rebuild "bucket directory"
What is correct to specify for "bucket directory"?
Some start with "db_" or "rb_" and some end with ".rbsentinel".
$ sudo -u splunk ls /opt/splunk/var/lib/splunk/someindex/db
CreationTime
GlobalMetaData
db_1575255638_1550733795_1_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1575255638_1550733795_1_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1575255638_1550733795_4_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1575255638_1550733795_4_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1583828795_1575944480_0_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1583828795_1575944480_0_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1585128403_1583828817_2_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1585128403_1583828817_2_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1585209454_1575944480_3_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1585209454_1575944480_3_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1585894857_1585209525_5_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1585894857_1585209525_5_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1586917200_1580354616_6_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
db_1586917200_1580354616_6_2EB5DD1B-EBFC-4678-A599-3C90C8E80123.rbsentinel
db_1586918400_1586916300_7_2EB5DD1B-EBFC-4678-A599-3C90C8E80123
rb_1561972997_1550733795_1_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1561972997_1550733795_1_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1561972997_1550733795_4_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1561972997_1550733795_4_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1575255638_1550733795_7_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1583828450_1564380558_0_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1583828450_1564380558_0_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1585128180_1583828597_2_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1585128180_1583828597_2_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1585295925_1564380558_3_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1585295925_1564380558_3_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1585894871_1585295926_5_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1585894871_1585295926_5_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5.rbsentinel
rb_1585901346_1575944480_6_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1586917500_1585901374_8_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
rb_1586918400_1586917500_9_C03F81F1-D923-458D-B4BE-0D5C6DF1EBC5
Get Updates on the Splunk Community!
Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...
Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...
Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...
Passionate about security automation? Apply now to our AI Playbook Authoring Alpha private preview ...
Reduce and Transform Your Firewall Data with Splunk Data Management
Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...
