Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

SPLUNK could't parse all files in same directrory

Amirahussein
Path Finder
‎01-13-2020 01:24 AM

please need your support as SPLUNK didn't parse all files from same path, i.e for example in my inputs.conf there are 2 stanza to monitor two paths. each path has around 1250 files, so i should find around 2500 files when searching for files.
i updated inputs.conf with (crcSalt = ** and **initCrcLength = 2000) and nothing occurred

i found only the exact number of files after restarting SPLUNK service, so is it a mandatory to restart splunk every time i got the files to be parsed ?!!!

[monitor:///home/Path1/.xml]
disabled = 0
host_segment = 4
index = index1
sourcetype = sourcetype1
recursive = true
**crcSalt =
initCrcLength = 2000*

0 Karma
Reply

JohnGilmour
New Member
‎01-13-2020 04:04 AM

There are plenty of documents on the Splunk base that will go into details, take a look at the ignoreOlderThan data stanza.

In answer to the question about restarting splunk, you don't need to do a full system restart. Just the below command 

./splunk _internal call /services/data/inputs/monitor/_reload -auth
0 Karma
Reply
Get Updates on the Splunk Community!

The All New Performance Insights for Splunk

Splunk gives you amazing tools to analyze system data and make business-critical decisions, react to issues, ...

Good Sourcetype Naming

When it comes to getting data in, one of the earliest decisions made is what to use as a sourcetype. Often, ...

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...