How do I monitor a file through REST api



I'm new to splunk and will be working with its REST api.
So far I've been adding files to be monitored using splunk's UI, but now i need to do so using its REST api.
Is it possible ?
If so how can it be done ?

Tags (1)


Hi @wava11,
There are two ways to do this. I prefer first because if you are beginner with RestApi and Splunk it will help you a lot to understand configuration file in general.

I hope you understand configuration files in splunk. There is a configuration file for storing input - inputs.conf. Adding stanza in it will add file to monitor. Learn how to write stanza in inputs.conf file Now there is a way in RestApi via which you can edit any configuration file in splunk - Now you know the stanza add it via RestApi.

Restart the splunk and you are done.
(You can also restart Splunk with RestApi - https://[Host]:[Port]/services/server/control/restart)



Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!