I am trying to upload documents from a user who's log files has multiple dots in the naming convention:
The logs have a *.0.1.log in its file extension, would it be possible to use *.*.*.log instead? |
The logs have a *-20210218.000023-5644-5716.0.log in its file extension, would it be possible to use *.*.*.*.log instead? |
The logs have a *-20201218.105324-11260-11240.0.log in its file extension, would it be possible to use *.*.*.log instead? |
The logs have a *-20210209.145105-16220-11864.0.log in its file extension, would it be possible to use *.*.*.log instead? |
The logs have a *-20201218.105324-25876-14744.0.log in its file extension, would it be possible to use *.*.*.log instead?
Is there a way to get all of these from .log to .*.*.*.log into Splunk using one monitoring stanza? |
Hi @nls7010,
Since monitor stanza supports regex you can try something below;
[monitor:///path/to/log/.*\-\d{8}\.\d+-\d+-\d+|.*\.\d\.log]