Am trying to run a command through perl and the results used as scripted input which will be indexed by splunk.
However i dont get any output when i run the script through splunk.
i have tried the perl "system" module and "backticks" but none of it works.
The script works fine if i run it manually through the command line.
$myresults = `find $flags -maxdepth 1 -type f -name $flags -mmin $min_val -ls`; print $myresults
The script has been added to the input.conf.
Some help will be much appreciated
changing the input.conf didnt help.
just to clarify.
The actual script works.only this line below doesnt return any results
find $flags -maxdepth 1 -type f -name $flags -mmin $min_val -ls;"
So the problem is with perl... have you try to build the command before execute?
$command = "find." ".$flags." -maxdepth 1 -type f -name"." ".$flags." -mmin ".$min_val." -ls";
Hope i help you
i found out scripted input in splunk doesnt seem to work well with linux "find" with the "-ls" flag
find . -maxdepth 1 -type f -name "*.xml" -mmin 300 -ls
when i use the find command without "-ls" it get an output