Monitoring Splunk

How do we read logs under the daily format directory?

thirulog
New Member

I have logs under the daily date format directory

How I ready the logs?

Directory : E:\Ora\DRM\daillyDate\log.txt

Tags (1)
0 Karma

woodcock
Esteemed Legend

Options are plenteous, there is also this:

[monitor://E:\Ora\DRM\...\log.txt]
0 Karma

lycollicott
Motivator

Monitor the directory E:\Ora\DRM and it will index everything below that.

(NOTE: You can use wildcards, but that doesn't mean you should use wildcards. )

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Wildcards are allowed in file paths. Try

[monitor://E:\Ora\DRM\*\log.txt]
---
If this reply helps you, Karma would be appreciated.
0 Karma

woodcock
Esteemed Legend

perhaps missing a path segment there?

0 Karma

thirulog
New Member

I have [monitor://E:\Ora\DRM**.txt] but did not work

Daily date directory created for every day and there are 20 logs under the date directory

0 Karma

woodcock
Esteemed Legend

I think that he meant this:

[monitor://E:\Ora\DRM\*\*\log.txt]
0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...