Getting Data In

How to get all configuration files in my deployment in a file?

rene847
Path Finder

Hi all,
I would like to know how to get all configuration files in my deployment in a file (for each Splunk instance)?
I have :
- 1 Management Console
- 1 Search head
- 2 Indexers
- 2 Universal forwarder (with vip)
(everything is redundant (doubled configuration))
Tks
Best Regards

1 Solution

gfuente
Motivator

Also there is a CLI command:

splunk diag

That creates a file with all the config files, logs, system info... usually requested by support guys to troubleshoot issues.

Maybe this could serve you too

Regards

View solution in original post

gfuente
Motivator

Also there is a CLI command:

splunk diag

That creates a file with all the config files, logs, system info... usually requested by support guys to troubleshoot issues.

Maybe this could serve you too

Regards

chanfoli
Builder

Your question is not very clear to me but I will tell you that configuration items in splunk are spread in several directories depending on changes made at the app level and any system level changes and are merged according to precedence rules. You can read about how this works here:

http://docs.splunk.com/Documentation/Splunk/6.2.1/Admin/Wheretofindtheconfigurationfiles

You can use btool to investigate what the active configuration on a splunk instance:

http://docs.splunk.com/Documentation/Splunk/6.2.1/Troubleshooting/Usebtooltotroubleshootconfiguratio...

To capture every configuration item in a single file you would basically need to archive [SPLUNKHOME]/etc/apps and [SPLUNKHOME]/etc/system directories.

0 Karma

rene847
Path Finder

Ok, thank you for your answer.
Regards

0 Karma
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.

Can’t make it to .conf25? Join us online!

Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...