Which feature allows Splunk to process new files added to monitored directories?

The feature that allows Splunk to process new files added to monitored directories is Real-Time Monitoring. This functionality enables Splunk to actively watch designated directories for changes. When a new file is added or an existing file is modified, the system automatically detects those updates and begins processing the new data almost immediately. This capability is essential for ensuring that data ingestion remains current, providing users with timely insights from fresh data.

In contrast, file compression refers to reducing the size of files for storage efficiency, while log rotation involves managing log files by archiving old logs and creating new log files to prevent any single log file from growing too large. Both of these processes do not directly facilitate the real-time ingestion of new files into Splunk. Automatic detection, while it may suggest recognizing new files, is not the specific term used in the context of Splunk’s functionality for continuous data monitoring and processing.