Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

only monitor FILE NAME not Content

hoggjade
Engager
‎08-04-2011 03:59 AM

Good day

is it possible to only monitor FILE NAMES within a Directory and sub directories and not the Content of these files

Reason being, I need to have a Logging system that users can monitor if a File has been received, but they do not need to see the content

also it needs to read as Simply as possible

Reply

cpt12tech
Contributor
‎03-21-2016 03:30 PM

I have a similar need, I want to list all the files on a volume. These are large video files and I need a list of what is on the volume for reconciliation and searching. One way to set this up is create a Windows .bat file and schedule it to run. The script outputs to a text file. Then configure splunk to monitor the text file. Here is the .bat script:
dir e:\someFolderName*.* /b >>e:\fileNameForSplunkToMonitor.txt

fschange is being depriciated and splunk uses Windows security audit. This would be too cumbersome for my needs as I would have to search for all files added & deleted to get the current inventory.

Reply

mw
Splunk Employee
Splunk Employee
‎08-04-2011 06:52 AM

You can configure an fschange input stanza to monitor changes to the directory. That would probably be the easiest. Look for "fschange" on this page: http://www.splunk.com/base/Documentation/latest/admin/Inputsconf

Reply
Get Updates on the Splunk Community!

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...