Reading CSV files from folder

SplunkBaby · ‎02-06-2014

Hi
I want to add multiple CSV files to a folder and want spunk to read all the CSV files in that folder.
Ie if i put a CSV file today i want splunk to read that file today and tomorrow also i will put files to that folder.I want splunk to read the file whenever i put CSV files to folder.
How can i achieve this.
Also i want _time field to reflect time when splunk reads the files.
How can i achieve this.

Ayn · ‎02-06-2014

Docs on getting data in: http://docs.splunk.com/Documentation/Splunk/latest/SearchTutorial/AboutgettingdataintoSplunk

_time as when Splunk reads the file: set DATETIME_CONFIG = CURRENT in props.conf.
http://docs.splunk.com/Documentation/Splunk/latest/Data/HowSplunkextractstimestamps
http://docs.splunk.com/Documentation/Splunk/latest/Data/Configuretimestamprecognition
http://docs.splunk.com/Documentation/Splunk/latest/admin/Propsconf

Reading CSV files from folder

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation

Reading CSV files from folder

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future