Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it good practice to run an rsync script to take a backup of any new warm buckets created to a new partition?

kkossery
Communicator
‎04-15-2015 08:24 AM

I need to start backing up my Splunk and was looking at backing up any new Warm buckets. I'm planning to do this by running an rsync script to take a backup of any new warm bucket created to a new partition.
Is this a good practice?
I'm interested in knowing what other users are doing to backup their Splunk/indexes on Amazon EC2.

Thanks

Tags (4)
0 Karma
Reply

kkossery
Communicator
‎05-08-2015 06:37 AM

I've installed s3sync on the Splunk box which would sync buckets (hot/warm/cold) to the S3 storage.

0 Karma
Reply

Arkon
Explorer
‎05-11-2016 12:43 PM

watchout for your S3 policy in case it automatically removes files after some time

0 Karma
Reply

Yasaswy
Contributor
‎04-15-2015 08:35 AM

hi kkossery, In general I would believe this to be "not" a good practice. Mostly because it does not scale well and very config and env dependent. I would go with clustering to solve any of the availability requirements.

0 Karma
Reply

kkossery
Communicator
‎04-15-2015 06:13 PM

Thanks! I will wait on what others have to say on this.

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...