Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time?

swati_sharma
New Member
‎07-06-2015 04:16 AM

How to upload multiple files in the Splunk?

Tags (3)
0 Karma
Reply

supunsap
New Member
‎01-08-2018 02:00 AM

If you want to upload multiple files in Splunk, you can zip file and browse it

0 Karma
Reply

jeffland
SplunkTrust
SplunkTrust
‎07-06-2015 05:10 AM

Do you want to upload them from the Web UI? I don't think that would work with the wizard there.

However, if you can, simply move your files to the instance running splunk and add a file monitor to those files, indexing them only once (not continuously).

0 Karma
Reply

swati_sharma
New Member
‎07-07-2015 11:57 PM

Is there no way to upload the directory to the splunk likewise we uploaded files?

0 Karma
Reply

csnidsplunk
Explorer
‎09-03-2015 07:53 AM

Why dont you put them all in a zip. Keep under 500 MB and u have your one file. 😉 Worked for me.

Reply

swati_sharma
New Member
‎07-07-2015 11:47 PM

yes, through Web UI, If I am not wrong, you want to say that we can't upload directory having 1MB*100files to the splunk.
Is there any other way by which we can upload the directory to the splunk.?

0 Karma
Reply

jeffland
SplunkTrust
SplunkTrust
‎07-08-2015 02:54 AM

Why don't you try either the oneshot from the cli, or if you like to work with the ui setting a monitor to that directory, indexing once? That does exactly what you need.

How else would you "upload" a directory? The "Add Data" wizard handles individual files, I don't see how you would apply it to more than one file.

0 Karma
Reply

swati_sharma
New Member
‎07-06-2015 04:17 AM

Please reply as soon as possible. whatever it would be.

0 Karma
Reply

bmacias84
Champion
‎07-06-2015 02:32 PM

I would use oneshot from the cli. The web interface doesn't support multiple files. Just run oneshot from any forwarder configured to send to your indexer.

http://docs.splunk.com/Documentation/Splunk/6.2.3/Data/MonitorfilesanddirectoriesusingtheCLI

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...