Splunk Enterprise

Need help for below scenario


we have a server A Linux box (HF) (AWS cloud )  this server is a primary server i copied conf files in LOCAL folder to S3 bucket  through python  script ,and scheduled a job daily to copy files ,now i need to copy the same configuration files to server B (HF) (AWS cloud ) this server is a DR server 

Scenario: if some thing happened to primary server we need to copy config files in S3 bucket and paste in DR server local folder and should restart Splunk  this should be done in automation way 


can some one help best way to do it??


Thanks in advance 

Labels (1)
Tags (1)
0 Karma



You may achieve this with scripting like: check management port on A box from B box, if management port is not reachable then copy config from S3 to B box

You need to keep in mind that there are configuration files in which passwords are encrypted. Like server.conf, inputs.conf & outputs.conf (if you are using SSL). If you copy these config files from A box to B box and if both servers doesn't have same splunk.secret file then B box will not able to decrypt encrypted password.

In addition to this you need to copy all apps/add-ons as well.

0 Karma


can we do automation through Jenkins?

0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...