Hi ,
I have to set alert the for below w requirement.
There is one file is present in my application and it is update continuously. So I have send the email alert when file is not update for 5 min. Is it possible in splunk?
I think that it is good to acquire the audit event periodically using ”fschange”.
http://docs.splunk.com/Documentation/SplunkCloud/6.6.3/Data/Monitorchangestoyourfilesystem
※pollPeriod=N
Hi ,
I didn't understand the document. Also I don't have the splunk server access so I can't check inputs.conf.file .
Is it possible through dashboard or custom search query.