All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Configuring AWS S3 data input with the exact path

denismo
New Member
‎12-10-2014 06:10 PM

I configured the AWS S3 input data source in Splunk Cloud. After specifying the bucket, it presented a choice of paths which are only 2 levels down from the root. Our logs are stored in a location which is 3 levels down, and at 2 levels down we have our data files and logs. So specifying the 2 level folder will ingest all our data and logs which is obviously not desirable.

Is there a way to either specify the exact path from which the logs should be read, or making the configuration UI look 3 levels down?

Thanks.

Denis

Tags (1)
0 Karma
Reply

_d_
Splunk Employee
Splunk Employee
‎12-11-2014 10:12 AM

Denis, there are two ways to work with S3 data "paths" not available in the dropdown for now: use of blacklists/whitelists or your modify the key_name attribute (i.e. "path") in the inputs.conf file. Also, note that S3 is unlike other filesystems where there is no "hierarchy" per se and each "path" is really a key name that identifies a file/object in your bucket.

0 Karma
Reply
Get Updates on the Splunk Community!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...