Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it good practice to run an rsync script to take a backup of any new warm buckets created to a new partition?

kkossery
Communicator
‎04-15-2015 08:24 AM

I need to start backing up my Splunk and was looking at backing up any new Warm buckets. I'm planning to do this by running an rsync script to take a backup of any new warm bucket created to a new partition.
Is this a good practice?
I'm interested in knowing what other users are doing to backup their Splunk/indexes on Amazon EC2.

Thanks

Tags (4)
0 Karma
Reply

kkossery
Communicator
‎05-08-2015 06:37 AM

I've installed s3sync on the Splunk box which would sync buckets (hot/warm/cold) to the S3 storage.

0 Karma
Reply

Arkon
Explorer
‎05-11-2016 12:43 PM

watchout for your S3 policy in case it automatically removes files after some time

0 Karma
Reply

Yasaswy
Contributor
‎04-15-2015 08:35 AM

hi kkossery, In general I would believe this to be "not" a good practice. Mostly because it does not scale well and very config and env dependent. I would go with clustering to solve any of the availability requirements.

0 Karma
Reply

kkossery
Communicator
‎04-15-2015 06:13 PM

Thanks! I will wait on what others have to say on this.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

Getting Started with AIOps: Event Correlation Basics and Alert Storm Detection in ...

Getting Started with AIOps:Event Correlation Basics and Alert Storm Detection in Splunk IT Service ...

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...