Splunk Enterprise
Highlighted

Get data log from FTP

Engager

I'am using Windows 10 and I'am new to Splunk Enterprise. I had do some splunk search data log file that ingested from my PC that I addedmanually. How I make my Splunk Enterprise to receive or get data log file from FTP automatically to make a searching and reporting (so I don't have to manually add the data log) ?

 

Basiclly, I want my Splunk Enterprise connect to FTP and receive/ingest data log automatically

0 Karma
Highlighted

Re: Get data log from FTP

SplunkTrust
SplunkTrust
Have a look at the FTP Pull Add-on for Splunk app on splunkbase (https://splunkbase.splunk.com/app/4056/). It should do what you need.
---
If this reply helps you, an upvote would be appreciated.

View solution in original post

Highlighted

Re: Get data log from FTP

Engager

Is the add on has the documentation to use it?

0 Karma
Highlighted

Re: Get data log from FTP

SplunkTrust
SplunkTrust
The documentation is in a README file in the app.
---
If this reply helps you, an upvote would be appreciated.
Highlighted

Re: Get data log from FTP

Engager

thx!

0 Karma
Highlighted

Re: Get data log from FTP

Engager

I did configure the FTP Input, what to do next?

0 Karma
Highlighted

Re: Get data log from FTP

SplunkTrust
SplunkTrust
Now that you have data indexed you can search it. Once you do that, you may find you need to adjust some properties (line breaks, timestamps, etc) or extract fields. Let us know what you need help with.
---
If this reply helps you, an upvote would be appreciated.
0 Karma
Highlighted

Re: Get data log from FTP

Engager

@richgalloway 

 

Because my FTP server separately from my Splunk server, this is my Splunk Server identity:

IP Address: https://10.122.11.51:8000/

And this is my FTP server identity:

ftp://10.122.11.100/

username: splunktest

ftp://splunktest:Diposlipi20@10.122.11.100/

And this is my configuration on FTP Input:

 

name: 10.122.11.100

hostname: 10.122.11.100

username: splunktest

password: splunktest123

file path: ftp://10.122.11.100/

filename: *.log

 

Is it the correct configuration?

And I still confused with the name, hostname, and file path, can you help me?

 

 

 

 

 

0 Karma
Highlighted

Re: Get data log from FTP

SplunkTrust
SplunkTrust
'Name' is an identifier for the input. "MyFTPInput", for example.
'hostname' is the address of the FTP server
'file path' is the location on the FTP server where the file(s) you want to transfer are located.
For further details, you should contact the developer of the app.
---
If this reply helps you, an upvote would be appreciated.
0 Karma
Highlighted

Re: Get data log from FTP

Engager

Okay, I'll let you know if it's work

0 Karma
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.