Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: Archive Signing
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Archive Signing
Hi,
I am using a script for archiving logs from colddb to a desired location. I have used the coldToFrozenExample.py script and basically just changed the archived location. The script works fine. However, since I intend to sign the bucket before archiving, I used the
signtool -s ARCHIVE_DIR
line in the script just before the bucket was to be copied to the location(as stated in the documentation). But, on doing so, the script doesnt work. Could it be the placement of signtool command? If so, please specify the exact location, as to where it should be placed. I am not familiar with python and hence, not able to spot the location.
Any help would be appreciated. Thanks in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Each time the example coldToFrozen script runs, it archives a bucket by copying it. The destination directory is based on the combination of the ARCHIVE_DIR variable and the actual bucket name. To sign the bucket, you should add this line as the last line in the coldToFrozenExample.py file, keeping the same indentation as the line above it.
signtool --sign destdir
destdir is the variable containing the calculated destination path.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It should not go before the copy line. It should be indented exactly the same as the line before it. Also, use spaces or tabs - whichever was used in the line above.
Finally, check the ownership and permissions of the script that works. After you edit the script, does it have the same ownership and permissions? Perhaps you are changing something and that is why the script doesn't run.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I added the line signtool --sign destdir as the last line of the script and even before the copy line, but it did not work. The script doesnt run. If I remove the signtool line, it works fine. Please help
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions
Splunk Community Badges!
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
