Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Deployment Monitor Backfill for Windows

Jodge
Path Finder
‎09-21-2011 10:50 AM

Has anyone noticed how the Deployment Monitor Backfill doesn't work in Windows?

Although in a perfect world Windows may not be so prevalent but it's a presence in all our lives.

Trying to re-write the scripts for Windows now.

Reply

Jodge
Path Finder
‎09-28-2011 11:57 AM

There are three batch files to match the .sh & python scripts provided to backfill those provided with the Deployment Monitor app. They reside in $SPLUNK_HOME\bin and are run from the command line as:

  • DM_backfill_summary_indexes_windows.bat ..or..
  • DM_flush_and_backfill_summary_indexes_windows.bat

The source is as follows: -

"DM_backfill_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All forwarders - regenerator summary index" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All indexers - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All hosts - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All pools - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sources - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sourcetypes - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

"DM_flush_and_backfill_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

call %splunkBin%\DM_purge_summary_indexes_windows %1 %2

%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All forwarders - regenerator summary index" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All indexers - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All hosts - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All pools - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sources - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sourcetypes - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

"DM_purge_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

%splunkBin%\splunk search "|savedsearch ""All forwarders - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All indexers - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All hosts - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All pools - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All sources - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All sourcetypes - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

(All of these were prepared with the help of the WebIntelligence backfill batch files.)

Reply

Jodge
Path Finder
‎09-27-2011 11:01 PM

Hi Gekoner, Would gladly share batch files, (especially as learnt how to do it from the WebIntelligence backup batch files). This would be a first time with Splunk, so where should one post the scripts? Could just paste them into here?

0 Karma
Reply

gekoner
Communicator
‎09-28-2011 10:15 AM

yes, I'd do just that. Splunk is trying to get the Answers forum to be the default place where Splunk users/admins can find answers. There is a handy 'code sample' button you can use to highlight the code sections. I'm sure Splunk support will be most appreciative, as well as future users.

0 Karma
Reply

gekoner
Communicator
‎09-23-2011 09:57 AM

Yes, the backfill function in Deployment Monitor assumes you run Linux or some Unix version for your Indexer or indexers. I am surprised buy, this. You should share your batch files with the community.

0 Karma
Reply

Jodge
Path Finder
‎09-23-2011 09:32 AM

Yes, it's windows. The backfill scripts are all .sh -- so re-wrote them as a batch files. It took hours and hours to run. In the end it's probably quicker just to splunk on the internal indexes for the amount of uses it gets.

Reply

gekoner
Communicator
‎09-21-2011 11:09 AM

Jodge, it works fine for me. Is your Indexer windows? Can you provide additional details?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...