Month: October 2017

How to get a real-time view of Splunk file onboarding

Recently I was onboarding a large number of files into Splunk (nearly 2,800 files, with a total size of around 1 TB), and needed to view the progress in real time. I was pointed to this blog post, which has a neat python script to show real-time status of the Tailing Processor’s activities. This posed a problem as