My Splunk instance is not reading the latest entries from log files that I want to search. Through the web interface, I told it to look through everything in a folder. I thought this would include the most up to date file, but it seems it only includes all files in the folder that existed up to time of the configuration of the input.
I have added a `monitor` stanza to my `inputs.conf` that looks like:
[monitor://c:\Program Files\mything\Logs\*\ThingVer1_*.txt]
The wildcards are supposed to consume folders named `YYYYMMDD` (Year-Month-Day, the time of the folders' creation)
So far I am not getting any updated info in mysearch as a result of adding the monitor line.
Is there a log file that will tell me if my `inputs.conf` file is working?
↧