If you are a long time enterprise user of the 3.x product, you may have become used to the pull-down menu for distributed searching.   One of the common use cases for this menu was searching specific indexers in your distributed search.   A common question was:  “Can we restrict the server via search syntax?”.   In [...]

There are many ways to feed data into Splunk. One method is to monitor the files within a directory. In the default ‘monitor’ configuration, Splunk will try to index all files within a specified directory. In some cases, you may have a directory which contains many files including some that you do [...]