Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

monitor empty folder, alert when there is file

newbiesplunk
Path Finder
‎06-03-2014 06:17 AM

Hi,
I wish to create an monitor folder alert such that it will trigger the alert when there is at least one file in the folder. I do not want to index any file that found in this folder. thks

Tags (1)
0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-03-2014 06:55 AM

Hi newbiesplunk,

I don't think that's possible in Splunk. If you setup a directory monitor Splunk will index all files in that directory except those which are excluded by blacklisted ... but then again you will not be able to search for them in Splunk and therefore you will not be able to setup an alert.

My suggestion: write a shell script which will be fired by cron and sends an email if there is something in this directory.

cheers, MuS

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-03-2014 07:32 AM

One of the Main functionalty of splunk relies on indexing human readable Data. I don't know of any Way of Not indexing something and do the usual splunk Magic on this nothing....

0 Karma
Reply

newbiesplunk
Path Finder
‎06-03-2014 07:01 AM

thks, i dont really know how to write shell script but i believe splunk is powerful app that can do this simple job thru some search or config, it just that i dont know how. Any other suggestion? thks

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

Data Management Digest – May 2026

Welcome to the May 2026 edition of Data Management Digest!   As your trusted partner in data innovation, the ...