1. list monitored files/directories:
/opt/splunk/bin/splunk list monitor
2. remove a file/directory from monitoring/indexing:
/opt/splunk/bin/splunk remove monitor /path/to/file/or/dir
3. add a file for monitoring:
/opt/splunk/bin/splunk add monitor /var/log/httpd/access_log
4. add a oneshot file for indexing:
/opt/splunk/bin/splunk add oneshot /var/log/httpd/access_log
5. remove a oneshot file/directory from monitoring/indexing:
/opt/splunk/bin/splunk remove oneshot /path/to/file/or/dir
6. list forward servers (splunk servers this host forwards to):
/opt/splunk/bin/splunk list forward-server
No comments:
Post a Comment