hi,
I want to upload a bunch of files in a splunk i have a zipped file named SP.zip which is containing all the log files. I uploaded all the files using reg-ex given in splunk tutorial but its uploading only first log from the directory.
How can i upload all the logs?
Are you using an input.conf to monitor the folder where the files are ?
Are your files still zipped ?
If your files have the same 256 chars, they will be considered as duplicates and the other ones will be skipped.
check this http://docs.splunk.com/Documentation/Splunk/5.0.2/Data/HowLogFileRotationIsHandled
a workaround is you use the oneshot. and add each file manually (or script it)
./splunk add oneshot "path/to/my/file" -sourcetype mysourcetype
just built an app to make this easier...
UPLOADER! http://apps.splunk.com/app/1707
Hi callan,
thanks for making our life easier with this app.
I tried but could not install the app because of the following error -
There was an error processing the upload.Invalid app contents: archive contains more than one immediate subdirectory: and ._uploader
Splunk 6.6.2
regards
Pramodh
Are you using an input.conf to monitor the folder where the files are ?
Are your files still zipped ?
If your files have the same 256 chars, they will be considered as duplicates and the other ones will be skipped.
check this http://docs.splunk.com/Documentation/Splunk/5.0.2/Data/HowLogFileRotationIsHandled
a workaround is you use the oneshot. and add each file manually (or script it)
./splunk add oneshot "path/to/my/file" -sourcetype mysourcetype
got it !!!
Awesome!!!!!!...worked :)...how can i specify host also in the same ?