Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
59 results
Sorted by:
08-22-2013
03:45 AM
1 Karma
Hi,
I've archived indexed data into location "D:\Program Files\Splunk\myfrozenarchive" and now myfrozenarchive folder has to folders
db_1364755264_1356979773_16
d...
12-17-2018
11:43 AM
....2 and higher, you can thaw data on any indexer instance, not just the one that it originated on.
"For the most part, you can restore an
archive to any instance of the
indexer, not just the o...
07-06-2020
02:08 PM
...t make sense to have backups from warm, cold, and archived/frozen indexed data on the Splunk servers taken daily and then sent over to an OCI bucket? Splunk deployments on OCI aren't common, so I'm i...
Labels
- Labels:
-
indexer clustering
-
Linux
10-28-2019
10:11 AM
I was recently asked to restore a couple months of data.
After reading>>> https://docs.splunk.com/Documentation/Splunk/7.2.7/Indexer/Restorearchiveddata
I don't see a way to restore J...
11-20-2019
10:36 AM
...torage drive, mounted on our Indexers (volume:drive/index/colddb).
Recently, due to a strange issue, the data inside the colddb went missing for 2 Indexes. We can't find it on the NAS drive as well. F...
11-15-2017
03:26 AM
...oldToFrozenscript.py
This will archive data to a particular directory that we mention in indexes.conf.
However it faces problems in cases of clustered architecture due to same multiple buckets being c...
10-17-2017
07:34 PM
...opy of these data (either raw or indexed) to external server (e.g. syslog) for long term archiving.
We're looking for any recommended solution. Would anyone please help?
Thanks a lot.
Rgds
10-03-2018
03:30 AM
i have the frozen data archived in this path" /nfs-storage/frozen_path/cisco_asa/ " and when tried to restore it in splunk again i copied the bucket from this path to the thawed path using this c...
04-19-2016
04:21 AM
...ake a backup of files/indexed data and configurations. We could not find any instructions on how to back up and restore the indexed data. We are running on a Unix environment and have a large a...
07-18-2019
01:48 PM
...oing through each of my archives, finding what buckets are missing, and restore them, what am I missing? I assumed since replication_factor=4, that meant I had duplicate copies of all of my data a...
