Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can I use CLI to configure inputs.conf blacklist

tdrisdelle
Engager
‎06-20-2012 10:09 AM

Is there any way to use the CLI to configure the blacklist (in inputs.conf) file?

The docs seem to indicate no... but I'm hopeful that I've missed something.

./splunk help edit
required parameters:

(For edit monitor)
    source                      path to a file or directory whose contents should be indexed by the Splunk server, and then watched for new input. The Splunk server unpacks tarfiles and compressed files.

optional parameters:

(For edit monitor)
        sourcetype                  source type value to set for events from the source

        index                       a local Splunk index to place events from the source

        hostname                    host name to set as the host value

        hostregex                   regular expression of file path to set as the host value

        hostsegmentnum              number of segments in the file path to set as the host value

        follow-only                 only read from the end of the file (True|False, default=False)
Reply
1 Solution
Solved! Jump to solution
Solution

bmacias84
Champion
‎03-12-2013 01:05 PM

@tdrisdelle, No you are not missing anything. Currently the CLI does not offer the ability to edit advanced stanza settings. Just like the GUI, the CLI allows basic add and modify abilities. For more advanced stanaza and settings changes direct conf file edits are required. This is when building TAs and using something like the Deployment Server makes configuration much easier.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

bmacias84
Champion
‎03-12-2013 01:05 PM

@tdrisdelle, No you are not missing anything. Currently the CLI does not offer the ability to edit advanced stanza settings. Just like the GUI, the CLI allows basic add and modify abilities. For more advanced stanaza and settings changes direct conf file edits are required. This is when building TAs and using something like the Deployment Server makes configuration much easier.

0 Karma
Reply
Solved! Jump to solution

bondu
Explorer
‎03-12-2013 12:43 PM

What is the Operating System you have splunk installed on?

0 Karma
Reply
Get Updates on the Splunk Community!

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...