Dashboards & Visualizations

Look for Splunk ideas

splunk755
Loves-to-Learn

Hello Community,

Rookie here

I am looking for some ideas to just monitor a directory for incoming and outgoing files and not the actual data with in the files.  I am wanting to see if I can project this data to a dashboard with the names of files that have come in and processed.

/opt/splunk/input/test_in

/op/splunk/output/test_out

Is it possible with in Splunk, I believe Splunk may be an overkill  but I want to see if I can achieve it.

I am in my demo environment, installed splunk server, created an index, installed forwarder on my remote unix server, configured the inputs/outputs files, connected it to the indexer and I see it reporting.

 

Please let me know.

 

Cheers !

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Yes, you can try it in your lab.  Understand, however, that fschange could do away in any upcoming Splunk release.  Also, it's not necessary for your script to emulate fschange.  You can make the output be anything useful to you - then build the dashboard around that.

---
If this reply helps you, Karma would be appreciated.
0 Karma

richgalloway
SplunkTrust
SplunkTrust

There is the fschange input, but it's deprecated so not recommended.  Aside from that, all you can do is write a script to do the monitoring and report results to Splunk.

---
If this reply helps you, Karma would be appreciated.
0 Karma

splunk755
Loves-to-Learn

Thanks Rich.

can I still try fschange in my lab environment, I want to see how it presents on that dashboard so that I can get some idea of how the script output will need to look like ?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...