I am testing out Splunk and Splunk Storm for our cluster deployment. In our pilot, I have set up a single host quite well and am receiving data on Splunk Storm for now.
However, we have old log files that go back almost 4 years. Is it possible to add those files to Splunk by using the same sourcetypes as the ones I have designated for the live data? We have a lot of custom applications logging to /var/log and we have given them all custom types.
Thanks in advance.