Knowledge Management
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Schedule automatic summary backfill?

the_wolverine
Champion
‎08-08-2015 10:28 AM

I'd like to have summary backfill run on a scheduled basis to fill in the gaps automatically. I'd probably run this during non-peak hours to reduce any impact on the servers.

How can this be done?

Reply

inventsekar
SplunkTrust
SplunkTrust
‎08-10-2016 09:41 AM

http://docs.splunk.com/Documentation/Splunk/6.4.2/Knowledge/Managesummaryindexgapsandoverlaps
Use the backfill script to add other data or fill summary index gaps
The fill_summary_index.py script backfills gaps in summary index collection by
running the saved searches that populate the summary index as they would have
been executed at their regularly scheduled times for a given time range.

check this one as well.. FYI - This document refers to 3.x versions of Splunk.
http://wiki.splunk.com/Community:Summary_Indexing_Back_Fill

0 Karma
Reply

pradeepkumarg
Influencer
‎08-10-2016 08:04 AM

Did you get around with this?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...