splunk remove
-
Remove data inputs, user accounts, or saved searches. Syntax: remove [object] [-parameter <value>| <value>] remove excess-buckets [index-name] remove cluster-peers peers [-parameter <value>] ... remove shcluster-member remove monitor source remove user <username> remove role <rolename> remove [licenser-pools|licenses] remove licenses hash remove -name <pool name> Objects: remove exec remove scripted inputs remove index removes an index remove cluster-master Remove a master from the list of instances a searchhead searches across remove excess-buckets Remove excess buckets in the cluster. remove cluster-peers Remove downed peers from the cluster master. remove shcluster-member Remove the specified member if run on the captain or, if run on a non-captain member, remove that member from the search head cluster. remove monitor remove monitored directory inputs remove app remove specified app name remove tcp remove TCP (network) inputs remove udp remove UDP (network) inputs remove forward-server remove servers to forward data to remove user removes a user remove role removes a role remove licenses removes a license from a stack remove licenser-pools removes a pool within a stack Required Parameters: (For remove exec) source command and arguments to remove (For remove index) name name of index (For remove cluster-master) master_uri the value of the master uri (For remove cluster-peers) peers Comma separated guids of the peers to be removed (For remove monitor) source path to a directory to index (For remove app) name the name of the app (For remove tcp) source port where Splunk should listen for events (For remove udp) source port where Splunk should listen for events (For remove forward-server) hostport in the format <host>:<port> where host and port are hostname or IP address of the indexing server and port that the indexer is listening on (For remove user) username the name of the Splunk user account to remove (For remove role) rolename The name of the role (For remove licenses) hash hash of the license file to remove (For remove licenser-pools) name name of the pool to remove Optional Parameters: (For remove cluster-master) secret the secret/pass4SymmKey used for the master site the site-id for the searchhead for this master (For remove excess-buckets) index index to remove excess-buckets (For remove shcluster-member) mgmt_uri If run on the captain, this is the management uri of the member to be removed. Examples: './splunk remove cluster-master https://127.0.0.1:8089 -secret testsecret' './splunk remove cluster-master -master_uri https://127.0.0.1:8089 -secret testsecret' './splunk remove excess-buckets' './splunk remove excess-buckets main' './splunk remove cluster-peers -peers GUID' './splunk remove cluster-peers -peers GUID1,GUID2,GUID3' ./splunk remove shcluster-member -mgmt_uri https://myserver:1234 ./splunk remove app unix ./splunk remove licenses BM+S8VetLnQEb1F+5Gwx9rR4MGGG5E3gQgV4Y91AkIE= ./splunk remove licenses BM+S8VetLnQEb1F+5Gwx9rR4MGGG5E3gQgV4Y91AkIE= ./splunk remove licenser-pools foo Type "help [command]" to get help with parameters for a specific command. Complete documentation is available online at: http://docs.splunk.com/Documentation
© Lightnetics 2024