Knowledge Management
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

When using splunk backup kvstore command, is the completion status logged, specifically in the case of an error/failure?

andysm
Engager
‎02-04-2020 09:08 AM

I'm looking to capture any failures of a kvstore backup that is kicked off from a script.

Tags (1)
Reply

codebuilder
Influencer
‎02-07-2020 06:59 AM

There are several ways that you can tackle this.

Capture output from the Splunk command:

./splunk show kvstore-status

Use the REST API:

curl -k -u user:pass https://<host>:<mPort>/services/kvstore/status
curl -k -u user:pass https://<host>:<mPort>/services/messages

Errors and warnings are logged to both splunkd.log and mongod.log

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply

pedromunoz
Engager
‎02-04-2020 09:33 AM

I had the same question.
We found the following event in the internal logs of the Search Head were the kvstore backup was run:

127.0.0.1 - admin [03/Feb/2020:17:15:44.925 -0500] "POST /services/kvstore/backup/create HTTP/1.1" 200 1747 - - - 0ms

Otherwise we have yet to determine a reliable way to identify the status of a kvstore backup job from internal/introspection logs.

0 Karma
Reply
Get Updates on the Splunk Community!

New Year, New Changes for Splunk Certifications

As we embrace a new year, we’re making a small but important update to the Splunk Certification ...

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

[Puzzles] Solve, Learn, Repeat: Unmerging HTML TablesFor a previous puzzle, I needed some sample data, and ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...