Knowledge Management
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Is it possible to change dump folder on a windows splunk ent. instance?

linspec9721
Explorer
‎09-02-2022 08:33 AM

Hello all,

how is possible to change default dump folder on Windows?

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-05-2022 12:35 AM

Hi @linspec9721,

as @Azeemering asked, what do you mean with "dump folder"?

Anyway, on Splunk you can modify the installation folder (called $SPLUNK_HOME) and the folder containing the indexes (called $SPLUNK_DB).

The folder containing temporary files ($SPLUNK_HOME/var/run) isn't changeable.

Ciao.

Giuseppe

0 Karma
Reply

linspec9721
Explorer
‎09-07-2022 12:19 AM

Hello @Azeemering @gcusello,

I mean the crash dump folder.

Is it possibile to change the /var/log/splunk folder path?

I am on 9.0.0.

Thank you

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-07-2022 12:23 AM

Hi @linspec9721,

for my knowldege, the only changeable folders are the installation folder (called $SPLUNK_HOME) and the folder containing the indexes (called $SPLUNK_DB), not others.

Why do you want to change it?

in this way, crash logs are indexed by Splunk and you maintain them.

Ciao.

Giuseppe

Reply

linspec9721
Explorer
‎09-07-2022 12:28 AM

Hi,

sometimes it happens that crash dumps fill up the partion of $SPLUNK_HOME and we need to manually clean it.

Thank you.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎09-07-2022 12:33 AM

Hi @linspec9721,

this means that you have a very narrow filesystem, maybe it could be a good idea giving a little more space to your file system.

Anyway, I suppose that it isn't so frequent a crash of your system, so deleting crash log files isn't a so frequent job.

Ciao.

Giuseppe

0 Karma
Reply

Azeemering
Builder
‎09-05-2022 12:31 AM

What do you mean? I don't understand your question.

Please read this:
https://docs.splunk.com/Documentation/SplunkCloud/8.2.2203/SearchReference/Dump

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...