The thing is, the .zip file contains multiple hundred files, of which I only need about 10 to analyse in my Splunk Deployment. Also, sometimes it's necessary to download multiple of these .zip files (each zip is a debug bundle of a client PC), and there are multiple users who might download + upload these to Splunk, so if possible I don't want to install a Forwarder on each host. The overall process should be somewhat like this: an authorized Splunk User manually downloads the .zip files he wants to analyse, so let's say he now has 4 .zip files on his local machine. Now I need a way in Splunk to unpack the files that I want (about 10 out of the 300+ in the .zip), add 1-2 custom fields to them at index time, and upload them in an automated way.