FrozenFreeUp

The FrozenFreeUp app allows you to remove the archived frozen data from Splunk indexer instance. The app deletes the db_ and rb_ folders with specified age according to the configurations in the inputs.conf and frozen.conf files. This app should be installed on the Indexer servers. Currently this app supports Indexers installed on nix servers. Important Note: Always consider organization’s data retention policies while setting up the configurations. Make sure to give the exact Frozen path configured in Splunk. Wrong path may lead to the removal of unintended data. **************************************************************************** Contributors: Dr.Simily Joseph - Computer Science Professor Subin Nidiyandiyil - Cyber Security Technical Consultant ****************************************************************************

Built by Subin N

Latest Version 1.0.3

May 21, 2024

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0

Rating

0

(0)

Log in to rate this app

Support

Developer Supported app

Ranking

#38

in Generic

The FrozenFreeUp app allows you to remove the archived frozen data from Splunk indexer instance. The app deletes the db_ and rb_ folders with specified age according to the configurations in the inputs.conf and frozen.conf files. This app should be installed on the Indexer servers. Currently this app supports Indexers installed on nix servers. Important Note: Always consider organization’s data retention policies while setting up the configurations. Make sure to give the exact Frozen path configured in Splunk. Wrong path may lead to the removal of unintended data. **************************************************************************** Contributors: Dr.Simily Joseph - Computer Science Professor Subin Nidiyandiyil - Cyber Security Technical Consultant ****************************************************************************