Archive2

Monitor directory containing Zip files

arunsundarm
Engager

I have enabled monitoring for zip files and there are two subfolders inside a zip file in that i have a text file LOG_ xxx which only iwant to monitor, I want to ignore the other files inside the zip file.

Also when i index splunk auto decompress the files and extracts as

file.zip:./folder1/folder2/Log_.txt
I only want the Log_
.txt

but splunk indexes all the files even if i give the source in the above format like: filename/.zip:./folder1/folder2/LOG_.txt

Need help

Tags (2)
0 Karma
Reply
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!