Quick poll: Anyone using ext4? Have you run into...

Lowell · ‎09-12-2011

I'm planning on migrating Splunk instance to new hardware and will be upgrading the OS at the same time, and I'd like to move to "ext4" due to the extent-based file allocation, online fragmentation capabilities, and so on.

There's been a couple questions about ext4 on this site and per splunk support there is still no official "ext4" support yet as of Splunk 4.2.3, so I figured I'd see if anyone in the community has any experience on this.

If you're using ext4 I'd love to know about it.

Please include the following: (Additional details welcomed)

Linux distro:
Kernel version:
Splunk version:
Comments: (Works well / has problems / is it notably faster or slower?)

mdonnelly_splun · ‎06-15-2012

For those who stumble across this query - the list of supported file systems now includes EXT4.

The complete list of supported file systems is found here:

http://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements

dwaddle · ‎09-21-2011

Lowell, I run ext4 on my 4.2.1 test instance on Ubuntu lucid. But, being it's strictly used for app development and config shakeouts I can't give any positive or negative comments on performance. In terms of basic functionality, Splunk seems to run just fine.

timothy_e_rabor · ‎09-21-2011

I'm in the same boat as you and was hoping to see an answer here. I'm moving forward and hope I don't have to downgrade. Maybe I'll have some results to post in the next few days.

Quick poll: Anyone using ext4? Have you run into any issues?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases