Monitoring Splunk

How do I monitor a file through REST api

wava11
Engager

Hi,

I'm new to splunk and will be working with its REST api.
So far I've been adding files to be monitored using splunk's UI, but now i need to do so using its REST api.
Is it possible ?
If so how can it be done ?

Tags (1)

VatsalJagani
SplunkTrust
SplunkTrust

Hi @wava11,
There are two ways to do this. I prefer first because if you are beginner with RestApi and Splunk it will help you a lot to understand configuration file in general.

1st.
I hope you understand configuration files in splunk. There is a configuration file for storing input - inputs.conf. Adding stanza in it will add file to monitor. Learn how to write stanza in inputs.conf file http://docs.splunk.com/Documentation/Splunk/7.0.2/Admin/Inputsconf. Now there is a way in RestApi via which you can edit any configuration file in splunk - https://docs.splunk.com/Documentation/Splunk/7.0.2/RESTTUT/RESTconfigurations. Now you know the stanza add it via RestApi.

Restart the splunk and you are done.
(You can also restart Splunk with RestApi - https://[Host]:[Port]/services/server/control/restart)

2nd.
http://docs.splunk.com/Documentation/Splunk/7.0.2/RESTREF/RESTinput

Thanks,
@vatsaljagani

Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...