Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to configure a forwarder to regularly pick up data from a CSV file on a Linux server?

sundaresh83
Explorer
‎03-18-2015 06:23 PM

I have log and other data in a linux server. I am parsing the data using awk code and converting it into csv files. There is a forwarder installed in another location in the same linux server. How can I get the forwarder to pick the data (csv file) from its location regularly and ingest it into splunk? Is this the best way to do this? Or is there a better way of performing the same?
I have used splunk as a single instance on my laptop for analysis previously. But this is new. It would be great if there is a step by step guide.

0 Karma
Reply

miteshvohra
Contributor
‎03-18-2015 08:51 PM

This is something what I am currently using for working on sample data in CSV format and is working great for the demo setup.

[monitor://<path to csv>/*.csv]
sourcetype = csv
KV_MODE = csv
index = name_your_index
disabled = false
crcSalt = <SOURCE>

Would appreciate your feedback what worked for you.

Regards, Mitesh.

0 Karma
Reply

sundaresh83
Explorer
‎03-19-2015 11:03 AM

Hi Mitesh,

Thanks for the reply. Should this be in the input? I l test this and surely let you know how it works.

0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...