Re: Porting from one machine to another

terryloar · ‎03-21-2013

I have a need to capture all of the Splunk work that I've done on one machine and move it to another machine. It's dev to dev, not an official deployment.

I tried copying the C:\Program Files\Splunk\etc\apps\search\local directory to the new machine, but the Dashboard & Views dropdown was the old one.

I also tried to copy $SPLUNK_HOME, but it did not get all of the files.

Any ideas on how to do this would be appreciated. The simpler, the better.

Thanks

Thanks.

lguinn2 · ‎03-21-2013

There is a wiki article about this: Migrating a Splunk Install

But if the underlying operating system is the same, you can just copy the installation.
For example, in Linux, assuming that $SPLUNK_HOME is /opt/splunk' and you are running as the usersplunkIT`

# on the current machine
su splunkIT
cd /opt/splunk/bin
./splunk stop
cd /opt
tar -czf splunk.tgz splunk

# on the new machine (assumes that user splunkIT exists there as well)
# copy the splunk.tgz to /opt  using any method, and
# make sure that splunk.tgz is owned by splunkIT

su  splunkIT
cd /opt
tar -xzf splunk.tgz
cd splunk/bin
./splunk start

Note that this assumes that the Splunk indexes are also stored beneath the /opt/splunk directory. If they are not, you will have go through similar steps to copy them as well.

terryloar · ‎03-21-2013

I closed the browser and restarted splunk.exe restart from the command line. The menu items now appear.

Porting from one machine to another

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation