Knowledge Management
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Schedule automatic summary backfill?

the_wolverine
Champion
‎08-08-2015 10:28 AM

I'd like to have summary backfill run on a scheduled basis to fill in the gaps automatically. I'd probably run this during non-peak hours to reduce any impact on the servers.

How can this be done?

Reply

inventsekar
Super Champion
‎08-10-2016 09:41 AM

http://docs.splunk.com/Documentation/Splunk/6.4.2/Knowledge/Managesummaryindexgapsandoverlaps
Use the backfill script to add other data or fill summary index gaps
The fill_summary_index.py script backfills gaps in summary index collection by
running the saved searches that populate the summary index as they would have
been executed at their regularly scheduled times for a given time range.

check this one as well.. FYI - This document refers to 3.x versions of Splunk.
http://wiki.splunk.com/Community:Summary_Indexing_Back_Fill

0 Karma
Reply

pradeepkumarg
Influencer
‎08-10-2016 08:04 AM

Did you get around with this?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...

.conf23 Registration is Now Open!

Time to toss the .conf-etti 🎉 —  .conf23 registration is open!   Join us in Las Vegas July 17-20 for ...