Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
11 results
Sorted by:
08-07-2021
09:31 AM
Hello All, I have 3 indexer in cluster and data is being stored in the NAS server. and for one server data is stored in cold logs on a mounted storage. I have copied the data from NAS to 2 s...
- Tags:
- restore archive data
08-22-2013
03:45 AM
1 Karma
Hi,
I've archived indexed data into location "D:\Program Files\Splunk\myfrozenarchive" and now myfrozenarchive folder has to folders
db_1364755264_1356979773_16
d...
04-20-2023
05:34 PM
Hi All,
I want to get Archived data from Frozen buckets for a certain time frame. The index which i am trying to fetch is related to windows event logs. Is their any script available to a...
Labels
- Labels:
-
administration
12-17-2018
11:43 AM
....2 and higher, you can thaw data on any indexer instance, not just the one that it originated on.
"For the most part, you can restore an
archive to any instance of the
indexer, not just the o...
07-06-2020
02:08 PM
...t make sense to have backups from warm, cold, and archived/frozen indexed data on the Splunk servers taken daily and then sent over to an OCI bucket? Splunk deployments on OCI aren't common, so I'm i...
Labels
- Labels:
-
indexer clustering
-
Linux
11-23-2014
01:22 AM
After I restore the archived data in thawed path and rebuild the index - Splunk recognizes the data.
What is the life-time of the data residing in the thawed path? Is there any default retention p...
03-15-2017
10:24 AM
Hi ,
My file got indexed. Unfortunately both the actual file and the indexed data got deleted but we have backup for indexed data.
We are trying to retrieve the raw data from indexed data b...
05-30-2013
11:20 AM
...ime based seems to be another. My gut says this would be based on indexed time but not sure how historical data and timestamps play into bucket creation.
- Tags:
- retention
05-15-2018
06:07 AM
Hello guys,
we need to restore frozen data, however is it possible to choose which source to restore (not all sources), if yes, how?
Thanks.
