Alerting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

monitor empty folder, alert when there is file

newbiesplunk
Path Finder
‎06-03-2014 06:17 AM

Hi,
I wish to create an monitor folder alert such that it will trigger the alert when there is at least one file in the folder. I do not want to index any file that found in this folder. thks

Tags (1)
0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-03-2014 06:55 AM

Hi newbiesplunk,

I don't think that's possible in Splunk. If you setup a directory monitor Splunk will index all files in that directory except those which are excluded by blacklisted ... but then again you will not be able to search for them in Splunk and therefore you will not be able to setup an alert.

My suggestion: write a shell script which will be fired by cron and sends an email if there is something in this directory.

cheers, MuS

0 Karma
Reply

MuS
SplunkTrust
SplunkTrust
‎06-03-2014 07:32 AM

One of the Main functionalty of splunk relies on indexing human readable Data. I don't know of any Way of Not indexing something and do the usual splunk Magic on this nothing....

0 Karma
Reply

newbiesplunk
Path Finder
‎06-03-2014 07:01 AM

thks, i dont really know how to write shell script but i believe splunk is powerful app that can do this simple job thru some search or config, it just that i dont know how. Any other suggestion? thks

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...