Have anybody tried to replay Splunk frozen buckets from AWS S3
Question
Replay Splunk Data by reading the Splunk frozen buckets
@David Cavuto may have something in the works for the future. At present, you can use the approach outlined here: https://cribl.io/blog/exporting-splunk-data/ . Disclaimer: I wrote it and it's technically open-sourced (not officially supported by Cribl). You will need to thaw your buckets before using the tool.
Sign up
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.