Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

how to count the number of files and directories in a folder in splunk

Afef
Communicator
‎08-13-2014 04:26 AM

Hi,
Please Could someone tell me how to count the number of files and directories in a folder in splunk ?
Regards

Tags (2)
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎08-13-2014 05:49 AM

You could create a script that computes the counts you're looking for, a naïve one-liner counting the files and directories in a path could be this:

cd /path/to/count; date; pwd; ls | wc -l

Then configure that as a scripted input in your Splunk.

Reply

martin_mueller
SplunkTrust
SplunkTrust
‎08-14-2014 02:07 AM

I'm sure similar things can be done with PowerShell. A quick googling suggests something like this: http://stackoverflow.com/questions/14714284/count-items-in-a-folder-with-powershell

0 Karma
Reply

Afef
Communicator
‎08-14-2014 12:48 AM

Thank you martin, but i'm working with windows not linux, so what should i do ?

0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎08-13-2014 06:15 AM

Sure. Say you saved my one-liner or your much better script to $SPLUNK_HOME/etc/apps/your_app/bin/dircount.sh, then you can define this in inputs.conf:

[script://$SPLUNK_HOME/etc/apps/your_app/bin/dircount.sh]
index = your_index
sourcetype = your_sourcetype
interval = number of seconds between runs

You can also configure this through the UI if run on a Searchhead, Indexer, or Heavy Forwarder by going to Settings -> Data Inputs -> Scripts -> New.

Find the docs here: http://docs.splunk.com/Documentation/Splunk/6.1.3/Data/Setupcustominputs

0 Karma
Reply

smudge797
Path Finder
‎08-13-2014 06:03 AM

Can you expand on the "Then configure that as a scripted input in your Splunk." Thanks!

0 Karma
Reply

Afef
Communicator
‎08-13-2014 04:58 AM

I want just to calculate the number of directories and files in a specific folder ! so if it is possible to not index data it will be good. If not i want to have the count and create a dashboard like that :

DIRECTORY NumberOfFiles NumberOfDirectories
Dir Name NBFiles NBDir

So How could i do this ?

Regards

0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎08-13-2014 04:37 AM

Are you trying to index that count for some directory, or are you trying to calculate statistics based on already indexed data and the path in their source field?

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...