I want to input into splunk the "events" of my fire alarms of all the branch offices.
Is there a way I can manually create an index=firealarm and periodically fill fields I will create such as:
date: 26 october
branch: 01
alarmid: 125
reason: smoking
etc...
I will add new events everytime an alarm is triggered. I know I can do this in excel, but I want to store these data on Splunk and build dashboards too
Hi @dritjon,
you can create an input that reads file with the name and format of your files from a folder that you can access.
then, when you have files to index, you can copy them in this folder and Splunk automatically index them and put them in the index you want.
You can follow this approach both on one indexer or in one other server with a Splunk full instance (Heavy Forwarder) or Universal Forwarder.
Ciao.
Giuseppe