So the REST API input that I set up in Splunk goes out to this REST endpoint, and the file that it receives is a zip file. Inside this zip file there are 2 CSV files, but I only need to index 1 of them (in this case, the file name is ENDPOINT_CDR_DETAIL_ALL_CSV). However, I only see 3 options for the response type, which are text, xml, and json. Does Splunk have an option for us to set maybe a response handler to unzip the file and only index 1 file out of the 2?
The name and form of the file:
![alt text][1]
Content inside the zip file:
![alt text][2]
[1]: /storage/temp/218620-zipfilename.png
[2]: /storage/temp/218621-contentinzipfile.png
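The following is an added example, not part of the original post and not Splunk's own code: a sketch of the unzip-and-select step the question asks for, done in memory so nothing from the archive is written to disk. The function names, the size cap and the sample archive are assumptions, and so is the hook that would hand the raw response bytes to `csv_events` (for instance a custom handler or a scripted input).

```python
import csv
import io
import zipfile

WANTED = "ENDPOINT_CDR_DETAIL_ALL_CSV"  # file name given in the post
MAX_BYTES = 50 * 1024 * 1024            # assumed cap on uncompressed size


def select_member(zf, wanted=WANTED):
    """Return the single archive entry whose base name contains `wanted`."""
    hits = [i for i in zf.infolist()
            if not i.is_dir()
            and wanted.lower() in i.filename.rsplit("/", 1)[-1].lower()]
    if len(hits) != 1:
        raise ValueError("expected one %r member, found %d" % (wanted, len(hits)))
    return hits[0]


def csv_events(zip_bytes, wanted=WANTED, max_bytes=MAX_BYTES):
    """Read only the wanted CSV from a zip held in memory; one dict per row."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        info = select_member(zf, wanted)
        # The declared size can be wrong, so the read itself is capped too.
        if info.file_size > max_bytes:
            raise ValueError("member exceeds size cap")
        with zf.open(info) as fh:
            data = fh.read(max_bytes + 1)
    if len(data) > max_bytes:
        raise ValueError("member exceeds size cap")
    text = data.decode("utf-8-sig")  # tolerate a UTF-8 byte order mark
    return list(csv.DictReader(io.StringIO(text)))


def constructed_zip():
    """Constructed sample: two CSV members, only one of which is wanted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("ENDPOINT_CDR_DETAIL_ALL_CSV.csv",
                    "call_id,duration\n1,30\n2,45\n")
        zf.writestr("OTHER_SUMMARY.csv", "x,y\n9,9\n")
    return buf.getvalue()


if __name__ == "__main__":
    for event in csv_events(constructed_zip()):
        print(event)  # each row would become one event to index
```

The response body has to reach this code as raw bytes; a zip that has already been decoded as text will fail to open.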