Re: Shared Drive Folder monitoring in Windows Mach...

anandhalagarasa · ‎05-20-2019

Hi Team,

We got a request from a client stating to monitor the Shared Folder in a windows server. So currently I need the exact inputs.conf so that I can test the same.

File Path which needs to be monitored: D:\ABC-Test\XYZ-Test\DEF-T\LMN-T\OPQ-D*.log

In this Path "ABC-Test" is a shared folder and also "XYZ-Test" is also a shared folder.

It's a windows machine so kindly provide the inputs.conf so that i can update the same

Previously I have provided the stanza as something like this but it didn’t worked:

[monitor://D:\ABC-Test\XYZ-Test\DEF-T\LMN-T\OPQ-D*.log]
index = man
sourcetype = dev
disabled = 0

So kindly help on the same.

FrankVl · ‎05-22-2019

Have you confirmed that the user under which the Splunk process runs has permission to access that shared drive / folder?

harsmarvania57 · ‎05-22-2019

Looks like duplicate of https://answers.splunk.com/answers/746854/need-input-stanza-for-a-shared-drive.html

koshyk · ‎05-22-2019

Can the Splunk Universal forwarder be installed on the client Windows machine which shares the drive? Then it is the best way as you get a more consistent data and information like host, source correctly.

Plainly trying to read from shared drive may cause permissions issues etc. But worth a try if Splunk runs as admin by changing the stanza to the shared/mapped folder

anandhalagarasa · ‎05-21-2019

Can anyone help on this request please.

anandhalagarasa · ‎05-22-2019

Hi,

Can anyone help on my request.

Shared Drive Folder monitoring in Windows Machine

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

.conf24 | Session Scheduler is Live!!

Introducing the Splunk Community Dashboard Challenge!