Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to feed bunch of files from the internet itself into SPLUNK

abhayneilam
Contributor
‎11-06-2012 08:43 AM

Hi,

I have some files uploaded to the internet ( one folder is there in which the files have been uploaded by some other team ). Each time I have to download those data from the internet folder and keep it in my desktop and have to import into SPLUNK.
Is there any way to import those data directly from the internet to SPLUNK without downloading and keeping it in the desktop.

For example, I have a link , say, http://abc/internet/folder/no=234561 which gets me the data . I want to directly feed this link to SPLUNK so that I dont have to download the data in my desktop, automatically whatever the data is present in that link will be imported to SPLUNK..

Kindly help me regarding this as this is needed in urgent basis

Thanks in advance

0 Karma
Reply

DaveSavage
Builder
‎11-06-2012 09:08 AM

I'd agree with Chris G 😉
If you have access to the absolute address you can do it the long way as Splunk will continually index a folder content..
Manager » Data inputs » Files & directories » \\192.168.0.5\users\Public\document...works...trial it on your system, changing everything after '\' to your specifics...Set to 'Continuously index data from a file or directory this Splunk instance can reach...etc

0 Karma
Reply

DaveSavage
Builder
‎11-06-2012 09:12 AM

...there were a few more slashes in there when I left it...

0 Karma
Reply

Ayn
Legend
‎11-06-2012 09:06 AM

Write a scripted that fetches the data and echoes it to standard output. Then setup a scripted input in Splunk that uses this script.

http://docs.splunk.com/Documentation/Splunk/5.0/Data/Setupcustominputs

Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎11-06-2012 09:06 AM

If this data can be pulled programatically via a script language (python, perl, bash, curl, etc), then you can use one of two options

  1. Pull the data into Splunk via Scripted Input
    http://docs.splunk.com/Documentation/Splunk/5.0/AdvancedDev/ScriptSetup

  2. Pull the data down via crontab to a file. Splunk the file using monitor.
    http://docs.splunk.com/Documentation/Splunk/5.0/Data/Monitorfilesanddirectories

Reply

ChrisG
Splunk Employee
Splunk Employee
‎11-06-2012 09:02 AM

Sounds like a good use case for Splunk Storm.

0 Karma
Reply
Get Updates on the Splunk Community!

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...