Splunk Search

Data is not getting imported through saved search



I want to import the data into splunk through scheduling, How It can be done ? at particular time let's say 10:00 A.M. data should be imported into splunk from a particular directory

Please help me out in this , seeking for help

Thanks in advance !!

0 Karma


Either write a scripted input that runs at the specified time and reads the files you're interested in, or create an external script that moves the files you're interested in into a directory that is monitored by Splunk.

0 Karma