Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Monitoring .txt file, indexation problem

medsy
Explorer
‎06-25-2020 03:33 PM

| inputlookup file.csv | search NOT [search index=sph | dedup DMC | table DMC ] | dedup number

In my scenario I have two files, a csv static file with a constant list of data and a .txt file which contains either the entire contents of the csv file or some. in fact I want to make a comparison if an element is not in the .txt file and it is in the csv file I display it in suite I alert. the problem now is in the monitoring of the .txt file, sometimes when it is a single line that changes it displays all the elements already present at the level of the .txt file as missing because it does not reindex.
can we monitor a file without indexing?

Labels (1)
Labels
Tags (3)
0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...