What does the number of files means in Files & Dir...

ips_mandar · ‎07-15-2019

Hi,
I am monitoring zip files from folders with below inputs.conf:
What does the number of files denote shown in the screenshot?
Does that mean the number of files indexed or the number of files only monitored since I am giving ignoreOlderThan in inputs.conf?

[monitor://\\abcstoragen\PQRS\XYZ\(AbcdLogs|ABLogs)*\...\*.zip]
disabled = 0
index = abc
sourcetype = pqr
ignoreOlderThan = 3d
crcSalt = <SOURCE>

A number of files shows high count but yet no file is indexed and it is increasing since recently I created a new input.
Thanks!

woodcock · ‎07-28-2019

I would open a support case and also ask them to update the docs on this because it does different things for different types of inputs. For example, the Splunk_TA_nix has an input for /var/log/secure and this screen shows a value of 144 even though it only contains the exact file and 4 rotated files. This makes no sense.

Azeemering · ‎07-16-2019

Did you find this?

https://answers.splunk.com/answers/457038/what-does-the-number-of-files-in-the-data-inputs-f.html

What does the number of files means in Files & Directories Monitor and where does it come from?

Shape the Future of Splunk: Join the Product Research Lab!

Auto-Injector for Everything Else: Making OpenTelemetry Truly Universal

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Are you a member of the Splunk Community?

What does the number of files means in Files & Directories Monitor and where does it come from?

Shape the Future of Splunk: Join the Product Research Lab!

Auto-Injector for Everything Else: Making OpenTelemetry Truly Universal

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions