How to index different files with the same content

rayar · ‎05-11-2021

I have a folder with file generated once a day

I would like to index all files event the files have the some content

for example

1_x.csv

2_x.csv

.

I would like to index both files even they are identical

the below is the input

[monitor://\\ntnet\filestore1\information_security$\OS_Security_Splunk\*\...\*]
disabled = false
index = os_security
sourcetype = csv_current_time
crcSalt = <SOURCE>
initCrcLength = 1024
recursive = true
whitelist = \.csv$

rayar · ‎05-11-2021

the message I have in the index=_intenal is

File will not be read, seekptr checksum did not match (file=\\ntnet\filestore1\information_security$\OS_Security_Splunk\CMI\Tripwire\Compliance Report\Comcast_Ent\15-04-21_Comcast_Ent.csv). Last time we saw this initcrc, filename was different. You may wish to use larger initCrcLen for this sourcetype, or a CRC salt on this source. Consult the documentation or file a support case online at http://www.splunk.com/page/submit_issue for more info.

How to index different files with the same content

using Splunk Enterprise

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

How to index different files with the same content

using Splunk Enterprise

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >