Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
112,133 results
Sort by:
02-20-2024
06:21 AM
Hi, I am trying to deploy a new index to my indexer cluster via the Cluster Master and have followed the usual documentation on how to deploy via the Master-Apps Folder. I have done this before a...
- Tags:
- cluster bundle
Labels
- Labels:
-
indexer clustering
11-06-2024
04:11 AM
Please can anyone what are steps to migrate the old data to new server while upgrading the splunk to 9.3 version i have checked the splunk document but i did not understand properly.Kindly please c...
Labels
02-01-2024
01:35 PM
I am installing a new Splunk server on Windows using the trial subscription for now, which may be changed to the free license later. I have data from another Splunk for Windows server t...
Labels
- Labels:
-
Windows
Show results in replies (5)
-
...folder to the new installation from the instance of Splunk that I have backed up. W...
-
...ifferent one if you used a different $SPLUNK_DB) from the old to the new instance, copy all the i...
-
I found this: Migrate a Splunk Enterprise instance from one physical machine to a...
-
Also remember that the Trial license is granted to a particular party for a particular use (t...
-
Hi @leobsksd, you have to copy the apps and data, not all the etc folder , especially l...
03-01-2022
07:15 AM
...Enterprise on the new instance. - Log into Splunk Enterprise and confirm that your data is intact by searching it - Upgrade from 7.3.X to 8.1.X and then to 8.2.5 Should I apply these steps to e...
Labels
- Labels:
-
indexer clustering
-
Windows
Show results in replies (3)
-
...ost to the new one): you don't need to copy all the $SPLUNK_HOME folder, you need only etc and var....
-
Hi @anem, it's always better to open a new question than add a post to an existing one, so m...
-
...lready have them when you install the old Splunk version. Especially on Windows, it isn't relevant to c...
07-30-2024
02:08 PM
I am trying to ingest some json data into a new Splunk Cloud instance, with a custom sourcetype, but I keep getting duplicate data in the search results. This seems to be an extremely common p...
- Tags:
- json
Labels
- Labels:
-
using Splunk Cloud
08-18-2023
03:35 AM
I Have Splunk Enterprise (Windows) single entity and the indexes are in the 😧 drive and it is full and I have added new desk F: drive
I want to move my indexes to the new drive do I need to...
Labels
- Labels:
-
configuration
Show results in replies (5)
-
If your problem is resolved, then please click the "Accept as Solution" button to help future r...
-
It works but for some app there is time window for the events not as before but I consider it work ...
-
I would shut down Splunk and move the %SPLUNK_DB% files from D to F. While that is h...
-
@richgalloway I am already started moving %SPLUNK_DB% files from 😧 to F: W...
-
...hanged to the new drive.
03-21-2025
05:31 AM
Hello all, So I'm very new to Splunk, like I've been playing around with it for less than 3 months. I have been tasked with sending logs from Logstash into Splunk, however, I have no idea w...
Labels
- Labels:
-
inputs.conf
-
JSON
-
syslog
11-08-2024
01:18 AM
1 Karma
In the Splunk app, the exception message column has multiple line message in it. However, when same query is applied to the table event in the Splunk Dashboard Studio, the newline isn't considered, a...
Labels
- Labels:
-
table
02-29-2024
12:17 PM
...on the old server 3 Copy old configs to new server ?? <<< which configs? is there a check list documented somewhere 4 Start new Splunk server and verify I could go thru e...
Labels
- Labels:
-
configuration
-
installation
-
upgrade
Show results in replies (7)
-
Another old post to migrate individual splunk linux box into new one https://community.splunk.com/t...
-
...hen rsync the entire /opt/splunk dir to the new VM, ensure all network settings match and rejoin i...
-
...p /opt/splunk, copy over the old.tar to new box, untar over the new install, then start Splunkd....
-
...he entire contents of the $SPLUNK_HOME directory from the old host to the new host. Copying this d...
-
...oving whole splunk installation from one server to another and pretending nothing changed but that m...
-
Hi My old answer for this https://community.splunk.com/t5/Splunk-Enterprise/Migration-of-Splunk-to...
-
...ueries from cluster peers). If you want to do the "raze and replace", you'd rather install a fresh Splunk...
04-03-2024
03:08 PM
...earchOrchestrator] - Unwound user context: b.morin -> NULL
04-03-2024 18:00:38.950 ERROR ScopedAliveProcessToken [11855 searchOrchestrator] - Failed to remove alive token file='/opt/splunk/var/run/splunk/dispatch/1...
Labels
- Labels:
-
search job inspector
