Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do i manually roll buckets in 4.1?

Chris_R_
Splunk Employee
Splunk Employee
‎04-07-2010 10:28 PM

How do i manually roll buckets in 4.1? The old method

./splunk search "| debug cmd=roll index=main"

does not work as expected, in fact it does not do anything....

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

Chris_R_
Splunk Employee
Splunk Employee
‎04-07-2010 10:30 PM

4.1 introduced new CLI commands, one of them is the "rolling buckets to warm" command.
Use

$SPLUNK_HOME/bin/splunk _internal call /data/indexes/main/roll-hot-buckets

Replace "main" For the index you wish to roll, and enter in admin level credentials. You should run this when Splunk is up and running.

View solution in original post

Reply
Solved! Jump to solution
Solution

Chris_R_
Splunk Employee
Splunk Employee
‎04-07-2010 10:30 PM

4.1 introduced new CLI commands, one of them is the "rolling buckets to warm" command.
Use

$SPLUNK_HOME/bin/splunk _internal call /data/indexes/main/roll-hot-buckets

Replace "main" For the index you wish to roll, and enter in admin level credentials. You should run this when Splunk is up and running.

Reply
Solved! Jump to solution

zliu
Splunk Employee
Splunk Employee
‎10-29-2010 05:55 PM

/splunk/bin/splunk _internal call /data/indexes/main/roll-hot-buckets
/splunk/bin/splunk _internal call /data/indexes/access/roll-hot-buckets

0 Karma
Reply
Solved! Jump to solution

the_wolverine
Champion
‎04-16-2010 05:31 AM

You can contact docs@splunk.com for any docs issues.

0 Karma
Reply
Solved! Jump to solution

Chris_R_
Splunk Employee
Splunk Employee
‎04-08-2010 05:36 PM

Bunnyhop, expected results will be any hot_v_n(read/write) buckets you have in your index will be rolled into a warm db_n_n_n(read only)
Primary purpose of this is to prepare your system for backups.
Doc updates will be coming shortly as well.

0 Karma
Reply
Solved! Jump to solution

jrodman
Splunk Employee
Splunk Employee
‎04-08-2010 04:10 PM

Awesome, I was trying to edit the debug processor to not emit errors on success. Would have been cool if anyone had told me it was being axed for 4.1 anyway.

0 Karma
Reply
Solved! Jump to solution

BunnyHop
Contributor
‎04-08-2010 02:54 PM

BTW, who in the org is in charge of documentation? I believe this process/procedure (debug cmd ...) is still in the 4.1 documentation for forcing bucket rolling.

0 Karma
Reply
Solved! Jump to solution

BunnyHop
Contributor
‎04-08-2010 01:58 PM

What's the expected result of this? It doesnt seem to perform the expected function.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...