Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Getting Data In
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Splunk Answers
- :
- Splunk Administration
- :
- Getting Data In
- :
- Re: "Continuously index data from a file or direct...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Rukmani_Splunk
Path Finder
02-21-2014
04:59 AM
Data is being indexed if i use the option "Index a file once from this Splunk server"
But not indexed if i use "Continuously index data from a file or directory this Splunk instance can access" option . Please help.
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
krish3
Contributor
02-21-2014
05:30 AM
Try adding it in inputs.conf file.
[monitor:///location/to/log/file/folder]
index = test1
sourcetype = log4j
disabled = false
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Rukmani_Splunk
Path Finder
03-10-2014
01:08 AM
Thank you so much it helped me a lot. It was asking fro crcSalt
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
somesoni2
Revered Legend
02-21-2014
06:12 AM
See status of file input here.
https://YOURHOST:8089/admin/services/inputstatus/TailingProcessor:FileStatus
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
krish3
Contributor
02-21-2014
05:30 AM
Try adding it in inputs.conf file.
[monitor:///location/to/log/file/folder]
index = test1
sourcetype = log4j
disabled = false
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Rukmani_Splunk
Path Finder
03-10-2014
01:09 AM
Thank you so much . it was crcSalt issue
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
krish3
Contributor
02-21-2014
05:31 AM
Back slashes if your using on windows platform..
Get Updates on the Splunk Community!
More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk
Tuesday, May 14, 2024 | 11AM PT / 2PM ET
Register to Attend
Join us for this Tech Talk and learn how to ...
.conf24 | Personalize your .conf experience with Learning Paths!
Personalize your .conf24 Experience
Learning paths allow you to level up your skill sets and dive deeper ...
Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...
WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...
