Hi everyone,

On my Linux machine, which has Splunk Forwarder and Splunk Add-on for Unix and Linux installed, I'm using this command to find the largest files on my server:

sudo du -a /var/log | sort -n -r | head -n 20

It lists the first 20 largest files in the /var/log directory. Now, I would like to do the same using Splunk. Is there a way to edit the inputs.conf file to be able to index the data onto Splunk, or is there any type of search I can make use of to achieve this?

Thanks in advance to anyone willing to help.

Regards,
Hisham