Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to secure copy (SCP) saved search results on ServerA to ServerB?

tkwaller
Builder
‎04-13-2015 06:22 AM

Hello

I am trying to figure out how I can do this:
I have a saved search that runs on server A and I want to secure copy (scp) those results to server B. How can I accomplish this? I know that I can have a script execute after the search is run, but all I want to do is simply scp the results from one folder to a different folder on a different server.

Any ideas on how I can do this?

Thanks for the assistance!

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

fdi01
Motivator
‎04-14-2015 03:08 AM

Syntaxe to use SCPcommand(first install SSH on ServerA and ServerB).

to Copy an file from serveurA to serveurB:
> scp LoginA@ServerA:pathA/file_nameA LoginB@ServerB:pathB/file_nameB

to Copy an file from curent directory to another server directory :
> scp File login@server:path

to Copy an directory , with these sub-directory, to an sever directory :

> scp -r directory login@server:path

in you case you can copy your saved_search directory try like this:

> scp -r your_login_nameA@serverA.com:/etc/splunk/.../saved_search_nameA/  your_login_nameB@serverB.com:/etc/splunk/.../saved_search_nameB/

or to copy saved_search file:

> scp  your_login_nameA@serverA.com:/etc/splunk/.../saved_search_file  your_login_nameB@serverB.com:/etc/splunk/.../saved_search_directory/

View solution in original post

Reply
Solved! Jump to solution
Solution

fdi01
Motivator
‎04-14-2015 03:08 AM

Syntaxe to use SCPcommand(first install SSH on ServerA and ServerB).

to Copy an file from serveurA to serveurB:
> scp LoginA@ServerA:pathA/file_nameA LoginB@ServerB:pathB/file_nameB

to Copy an file from curent directory to another server directory :
> scp File login@server:path

to Copy an directory , with these sub-directory, to an sever directory :

> scp -r directory login@server:path

in you case you can copy your saved_search directory try like this:

> scp -r your_login_nameA@serverA.com:/etc/splunk/.../saved_search_nameA/  your_login_nameB@serverB.com:/etc/splunk/.../saved_search_nameB/

or to copy saved_search file:

> scp  your_login_nameA@serverA.com:/etc/splunk/.../saved_search_file  your_login_nameB@serverB.com:/etc/splunk/.../saved_search_directory/
Reply
Solved! Jump to solution

tkwaller
Builder
‎04-14-2015 07:22 AM

Worked great. Now do you know how this could be automated?

0 Karma
Reply
Solved! Jump to solution

hemendralodhi
Contributor
‎01-18-2017 10:17 PM

Run a cron script on server where reports are saved. Make sure to use cron internal which send report after report search schedule.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...