Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

adding rolling.logs to splunk windows

brod_geico
Path Finder
‎12-11-2014 11:32 AM

I need to input below file to splunk 

D:\Debug\Log\Forms\Rollingfile

and
D:\Debug\Log\Forms\Rollingfile.log20140228 with time stamp multipe file

i tried with below things in inputs.conf file but only Rollingfile was showing

Rollingfile.log20140228 not showing in splunk 

[monitor://D:\Debug\Log\Forms\*.log*]
recursive = true
crcSalt = 
whitelist = \.log$|\.txt$|\.xml$|\.out$
sourcetype = log4net
index = int


[monitor://D:\Debug\Log\Forms\]
recursive = true
crcSalt = 
disabled = 0
followTail = 0
whitelist = \.(log$
sourcetype = log4net
index = int
0 Karma
Reply

martin_mueller
SplunkTrust
SplunkTrust
‎12-11-2014 04:04 PM

Your whitelists ending in .log, .txt, etc. are conflicting with the file name ending in the date.

0 Karma
Reply

brod_geico
Path Finder
‎12-11-2014 12:21 PM

tried too not working

[monitor://D:\Debug\Log\Forms\Rollingfile*]
recursive = true
crcSalt =
sourcetype = log4net
index = forms_int

0 Karma
Reply

somesoni2
Revered Legend
‎12-11-2014 11:43 AM

Try this

[monitor://D:\Debug\Log\Forms\Rollingfile*]
recursive = true
crcSalt = <SOURCE>
sourcetype = log4net
index = int
0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...