Hai All,
Please help me out to understand. how to continuously monitor a file from a shared folder or path?
Thanks in advance..
in inputs.conf, add [monitor:///full/path/to/file]
you can also use wildcards to constantly monitor many files:
[monitor:///full/path/to/*.log]
here all the files that ends with .log
read all documentation here:
http://docs.splunk.com/Documentation/Splunk/7.1.2/Data/Monitorfilesanddirectorieswithinputs.conf
hope it hepls
Its same as splunk file monitors if you are including the absolute path
Ref : https://docs.splunk.com/Documentation/Splunk/7.1.2/Data/Monitorfilesanddirectorieswithinputs.conf
Are you facing any issues?
@renjith.nair
I haven't tried it yet.. Just wanna get some idea about how to do it . So i posted a question.
Suggest you to try that first and let the community know if you have any issues.
@renjith.nair,
No issues.. I'm about to try that one. :-)..
Thanks
Per documentation
[monitor://]
* This directs a file monitor input to watch all files in .
* can be an entire directory or a single file.
* You must specify the input type and then the path, so put three slashes in
your path if you are starting at the root on *nix systems (to include the
slash that indicates an absolute path).