Hi Team,
I have tried executing the cluster-merge-buckets command on Cluster Manager and got the following error / exception:
Command:
./splunk cluster-merge-buckets -index-name _audit -startdate 2020/01/01 -enddate 2024/01/24 -max-count 1000 -min-size 1 -max-total-size 1024
Output:
Using the following config:
-max-count=1000 -min-size=1 -max-size=1000 -max-timespan=7776000
Dryrun has started. merge_txn_id=1706209703.24
[...] peer=IDX01 processStatus=Merge_Done totalBucketsToMerge=28 mergedBuckets=28 bucketsUnableToMerge=0 createdBuckets=1 sizeOfMergedBuckets=
868MB progress=100.0%
[...] peer=IDX02 processStatus=Merge_Done totalBucketsToMerge=23 mergedBuckets=23 bucketsUnableToMerge=0 createdBuckets=1 sizeOfMergedBuckets=
718MB progress=100.0%
progress=100.0% peers=2 completedPeers=2 failedPeers=0 totalBucketsToMerge=51 mergedBuckets=51 bucketsUnableToMerge=0 createdBuckets=2 totalSizeOfMergedBucket
s=1586MB
(Additional space required for localizing S2 buckets up to the equivalent of sizeOfMergedBuckets for each peer)
----------------------------------------------------------------------------------------------------------------------------------------
Have anyone experienced the same earlier or could help me with the resolutions.
