Re: Deployment Monitor Backfill for Windows

Jodge · ‎09-21-2011

Has anyone noticed how the Deployment Monitor Backfill doesn't work in Windows?

Although in a perfect world Windows may not be so prevalent but it's a presence in all our lives.

Trying to re-write the scripts for Windows now.

Jodge · ‎09-28-2011

There are three batch files to match the .sh & python scripts provided to backfill those provided with the Deployment Monitor app. They reside in $SPLUNK_HOME\bin and are run from the command line as:

DM_backfill_summary_indexes_windows.bat ..or..
DM_flush_and_backfill_summary_indexes_windows.bat

The source is as follows: -

"DM_backfill_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All forwarders - regenerator summary index" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All indexers - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All hosts - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All pools - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sources - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sourcetypes - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

"DM_flush_and_backfill_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

call %splunkBin%\DM_purge_summary_indexes_windows %1 %2

%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All forwarders - regenerator summary index" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All indexers - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All hosts - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All pools - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sources - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2
%splunkBin%\splunk cmd python %splunkBin%\fill_summary_index.py -app SplunkDeploymentMonitor -name "All sourcetypes - regenerator" -et -14d@d -lt now -dedup true -j 8 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

"DM_purge_summary_indexes_windows.bat"

@echo off 
rem call this script with %1 as username and %2 as password

setlocal

set splunkBin="C:\Program Files\Splunk\bin"

if (%1)==() goto Error
if (%2)==() goto Error

%splunkBin%\splunk search "|savedsearch ""All forwarders - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All indexers - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All hosts - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All pools - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All sources - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2
%splunkBin%\splunk search "|savedsearch ""All sourcetypes - purge""" -app SplunkDeploymentMonitor -detach T -maxout 0 -auth %1:%2

goto End

:Error
echo Please specify a username and password

:End

**

(All of these were prepared with the help of the WebIntelligence backfill batch files.)

Jodge · ‎09-27-2011

Hi Gekoner, Would gladly share batch files, (especially as learnt how to do it from the WebIntelligence backup batch files). This would be a first time with Splunk, so where should one post the scripts? Could just paste them into here?

gekoner · ‎09-28-2011

yes, I'd do just that. Splunk is trying to get the Answers forum to be the default place where Splunk users/admins can find answers. There is a handy 'code sample' button you can use to highlight the code sections. I'm sure Splunk support will be most appreciative, as well as future users.

gekoner · ‎09-23-2011

Yes, the backfill function in Deployment Monitor assumes you run Linux or some Unix version for your Indexer or indexers. I am surprised buy, this. You should share your batch files with the community.

Jodge · ‎09-23-2011

Yes, it's windows. The backfill scripts are all .sh -- so re-wrote them as a batch files. It took hours and hours to run. In the end it's probably quicker just to splunk on the internal indexes for the amount of uses it gets.

gekoner · ‎09-21-2011

Jodge, it works fine for me. Is your Indexer windows? Can you provide additional details?

Deployment Monitor Backfill for Windows

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life