Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forย 
Search instead forย 
Did you mean:ย 
Ask a Question

How to configure inputs.conf to only index the log generated today from my sample data?

xtlyk
New Member
โ€Ž06-28-2016 08:09 PM

hi my friends,

I have some logs like this:

--localhost_access_log2016-06-24.txt
--localhost_access_log2016-06-25.txt
--localhost_access_log2016-06-26.txt
--localhost_access_log2016-06-27.txt
--localhost_access_log2016-06-28.txt
--localhost_access_log2016-06-29.txt

I only want to get the log generated today, but I do not know how to configure inputs.conf.

Can u help me?
thk u v m

Tags (2)
0 Karma
Reply

Raghav2384
Motivator
โ€Ž06-29-2016 09:51 AM

Hello,

May be ignoreOlderThan=1d?. Refer this answer

https://answers.splunk.com/answers/80608/how-to-make-a-forwarder-ignore-logs-other-than-todays-ignor...

Thanks,
Raghav

0 Karma
Reply