Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What are manifest files used for in Splunk home directory?

ben_leung
Builder
‎11-12-2014 04:25 PM

splunk-6.1.4-233537-darwin-64-manifest

These files only list out the directory of Splunk. When upgrading from version to version, I have accumulated old manifest files. Are they still useful to Splunk or can I just remove them?

What is the purpose for them any ways?

Tags (1)
0 Karma
Reply

bohanlon_splunk
Splunk Employee
Splunk Employee
‎10-04-2016 03:09 AM

You can just remove them. They are an anti tampering mechanism generated at install time.
However, when you change versions (e.g. during upgrades), the old one gets left behind.

If you need to regenerate them, check out this post:
https://answers.splunk.com/answers/455739/how-can-i-regenerate-my-package-manifest-file.html#answer-...

0 Karma
Reply

aljohnson_splun
Splunk Employee
Splunk Employee
‎11-12-2014 04:58 PM

I have some built up too. They are 833KB large for me, so I just leave them alone. I just tried moving all mine to a different location and splunk is acting normally, but I have no idea if splunk might use time in the future.

Note: These are NOT the same as a .bucketManifest that you find in locations such as $SPLUNK_HOME/var/lib/splunk/default/db

As for what they are / why they are there, here's a definition.

Wikipedia

In software packaging, it is common to list the contents of a distribution in a manifest file. This file simply enumerates the files which are included in the distribution, either for processing by various packaging tools, or for human consumption.

The term is a loan from shipping, where a ship's manifest would list the crew or cargo of a vessel.

The manifest may optionally contain a cryptographic hash or checksum of each file. By creating a cryptographic signature for such a manifest file, the entire contents of the distribution package can be validated, as altering any of the files will invalidate the checksums in the manifest file.

The manifest files usually have a .MF extension, or a .manifest extension in Windows.

0 Karma
Reply

ben_leung
Builder
‎11-12-2014 05:35 PM

So I think there is no harm in removing old versions of the manifest files from Splunk home. They would be outdated anyways, save the latest version.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...