Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to upload multiple files in Splunk? Is it possible to upload multiple files like 100 1MB files in Splunk at the same time?

swati_sharma
New Member
‎07-06-2015 04:16 AM

How to upload multiple files in the Splunk?

Tags (3)
0 Karma
Reply

supunsap
New Member
‎01-08-2018 02:00 AM

If you want to upload multiple files in Splunk, you can zip file and browse it

0 Karma
Reply

jeffland
SplunkTrust
SplunkTrust
‎07-06-2015 05:10 AM

Do you want to upload them from the Web UI? I don't think that would work with the wizard there.

However, if you can, simply move your files to the instance running splunk and add a file monitor to those files, indexing them only once (not continuously).

0 Karma
Reply

swati_sharma
New Member
‎07-07-2015 11:57 PM

Is there no way to upload the directory to the splunk likewise we uploaded files?

0 Karma
Reply

csnidsplunk
Explorer
‎09-03-2015 07:53 AM

Why dont you put them all in a zip. Keep under 500 MB and u have your one file. 😉 Worked for me.

Reply

swati_sharma
New Member
‎07-07-2015 11:47 PM

yes, through Web UI, If I am not wrong, you want to say that we can't upload directory having 1MB*100files to the splunk.
Is there any other way by which we can upload the directory to the splunk.?

0 Karma
Reply

jeffland
SplunkTrust
SplunkTrust
‎07-08-2015 02:54 AM

Why don't you try either the oneshot from the cli, or if you like to work with the ui setting a monitor to that directory, indexing once? That does exactly what you need.

How else would you "upload" a directory? The "Add Data" wizard handles individual files, I don't see how you would apply it to more than one file.

0 Karma
Reply

swati_sharma
New Member
‎07-06-2015 04:17 AM

Please reply as soon as possible. whatever it would be.

0 Karma
Reply

bmacias84
Champion
‎07-06-2015 02:32 PM

I would use oneshot from the cli. The web interface doesn't support multiple files. Just run oneshot from any forwarder configured to send to your indexer.

http://docs.splunk.com/Documentation/Splunk/6.2.3/Data/MonitorfilesanddirectoriesusingtheCLI

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...