×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
akballow
New Member
Member since: ‎07-09-2021
‎07-10-2021
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎07-09-2021
Activity Feed
View All

Move data from old Splunk 6.3.2 to New Splunk 8.1....

by in Getting Data In
‎07-09-2021 03:37 PM
‎07-09-2021 03:37 PM
Hello everyone,  I have been trying to move data from my old 6.3.2 splunk to the new 8.1.3 splunk which is empty.   I tried to first do a search "*" and downloaded everything which is 16gb. I then used the new splunk web gui monitor import which did take all the data, but it only had one host, source, and source type. The original splunk had 3 index names, 2 hosts sending data, and many sources and source types. How can i move the data so that search results show the same as it did in the original splunk? Is there a way to export everything to match exactly? I am having a hard time determining how to move these items. Both the new and old splunk have 1 search head, 2 indexers, and one master. I am not familair in how I can copy the index folder method either. Hopefully someone can guide me in how I can move the data in place keeping all the hosts, source, sourcetypes, etc. Thanks ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎07-10-2021 02:56 PM