Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

only monitor FILE NAME not Content

hoggjade
Engager
‎08-04-2011 03:59 AM

Good day

is it possible to only monitor FILE NAMES within a Directory and sub directories and not the Content of these files

Reason being, I need to have a Logging system that users can monitor if a File has been received, but they do not need to see the content

also it needs to read as Simply as possible

Reply

cpt12tech
Contributor
‎03-21-2016 03:30 PM

I have a similar need, I want to list all the files on a volume. These are large video files and I need a list of what is on the volume for reconciliation and searching. One way to set this up is create a Windows .bat file and schedule it to run. The script outputs to a text file. Then configure splunk to monitor the text file. Here is the .bat script:
dir e:\someFolderName*.* /b >>e:\fileNameForSplunkToMonitor.txt

fschange is being depriciated and splunk uses Windows security audit. This would be too cumbersome for my needs as I would have to search for all files added & deleted to get the current inventory.

Reply

mw
Splunk Employee
Splunk Employee
‎08-04-2011 06:52 AM

You can configure an fschange input stanza to monitor changes to the directory. That would probably be the easiest. Look for "fschange" on this page: http://www.splunk.com/base/Documentation/latest/admin/Inputsconf

Reply
Get Updates on the Splunk Community!

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...

Introducing Splunk Enterprise 9.2

WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...