Splunk Cloud Platform
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How we can transfer or back up data to an AWS S3 bucket for the specified existing index?

Rakzskull
Path Finder
‎02-24-2025 11:37 PM

We have an index named ABC with a searchable retention period of 180 days and an archival period of 3 years. I would like to transfer all logs to AWS S3, as they are currently stored in Splunk Archive storage. Could you please advise on how to accomplish this?

Additionally, will this process include moving both searchable logs and archived logs to S3?

I would appreciate a step-by-step guide. If anyone has knowledge of this process, I would be grateful for your assistance. Thank you.

Labels (2)
Labels
Tags (1)
0 Karma
Reply

kiran_panchavat
Influencer
a month ago

@Rakzskull 

Splunk manages the archival storage in DDAA, and you don’t have direct access to the underlying S3 buckets.

To export archived data:

  • Open a support ticket with Splunk.
I hope this helps, if any reply helps you, you could add your upvote/karma points to that reply, thanks.
0 Karma
Reply

tscroggins
Influencer
a month ago

Hi @Rakzskull,

Splunk support can assist with migrations from DDAA (Splunk-provided S3) to DDSS (customer-provided S3).

0 Karma
Reply
Get Updates on the Splunk Community!

New This Month - Splunk Observability updates and improvements for faster ...

What’s New? This month, we’re delivering several enhancements across Splunk Observability Cloud for faster and ...

What's New in Splunk Cloud Platform 9.3.2411?

Hey Splunky People! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2411. This release ...

Buttercup Games: Further Dashboarding Techniques (Part 6)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
Top