What this will give you is a timestamped event that looks like:
Wed Aug 19 17:33:19 PDT 2015
224 /pathtothedirectory
32
Where 224 is the size in MB and 32 is the number of files. You will get a separate event in Splunk every time the script runs. Each time the script runs, it will count all the files and their size. If you want to do something based on individual files or on the modification/creation time of the files, change the script to generate the data that you want.
If you want to calculate the delta between two runs of the script, you can do that in Splunk.
I suggest that you set up something, and send the script output to a test index. Then you can collect data for a day or two and play with it. When you get it working the way you want, just change the index setting in inputs.conf to send the info into some production index. (And delete the test index.)
Personally, I would set up the whole thing on a test box or my laptop before putting it in a production Splunk environment...
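An added example, not part of the original answer: one way to compute the run-to-run delta in Splunk's search language, assuming each script run is indexed as a single multi-line event in the format shown above. The index name `dirsize_test`, the sourcetype `dir_size` and all extracted field names are assumptions made for illustration.

```spl
index=dirsize_test sourcetype=dir_size
| rex "(?m)^(?<size_mb>\d+)\s+(?<dir>/\S*)\s*[\r\n]+(?<file_count>\d+)\s*$"
| sort 0 _time
| streamstats current=f global=f window=1 last(size_mb) AS prev_size_mb last(file_count) AS prev_file_count BY dir
| eval size_mb_delta = size_mb - prev_size_mb, file_count_delta = file_count - prev_file_count
| table _time dir size_mb size_mb_delta file_count file_count_delta
```

The first event for each directory has no previous run, so its delta fields are empty; `BY dir` with `global=f` keeps the comparison per directory if the script reports on more than one path.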