Need your expert advice about Splunk Ent. & Enterprise Security (ES) Backups + Disaster Recover + HA advice please. Any steps to succeed in this project specially in AWS environment is appreciated. Thank u in advance
Not specific to an AWS environment, but some things to think about for ES:
https://docs.splunk.com/Documentation/ES/6.5.1/Install/InstallEnterpriseSecuritySHC#Back_up_and_rest...
Let me know if that helps.
You didn't give us much to work with. Everyone has different DR/HA needs and we don't know yours so we can offer only general answers.
Search head and indexer clustering help, especially if they're multi-site. Have standby instances of the management servers ready.
See https://lantern.splunk.com/Splunk_Success_Framework/Platform_Managment/Managing_backup_and_restore_p... for basic information and links to other helpful sites.
Thank u for your message. Hoping you had a safe & nice 4th of July. We have Clustering on the Indexers & SHs, in addition to a LM, Deployment server. Am working / documenting backing up the .conf files. What other critical steps would you recommend for Splunk Ent. & ES? I have done BU/DR for Windows environment for a long time. I want to make sure I am covered when Splunk servers go down say about 2 AM on a Saturday or so. I sure appreciate your expert advices as always.