I'm running splunk 8.1.0.1 and Cisco eStreamer eNcore 4.0.9 and configured cisco FMC for estream integration but it doent show any logs. I have some Errors in splunkd.log and estreamer.log.

I dont  receive any result when I search for

sourcetype="cisco:estreamer:data"

splunkd.log:

12-01-2020 10:55:45.104 +0330 INFO DatabaseDirectoryManager - Finished writing bucket manifest in hotWarmPath=/opt/splunk/var/lib/splunk/_telemetry/db duration=0.000
12-01-2020 10:56:16.088 +0330 WARN LocalAppsAdminHandler - Using deprecated capabilities for write: admin_all_objects or edit_local_apps. See enable_install_apps in limits.conf
12-01-2020 10:56:35.888 +0330 WARN CalcFieldProcessor - Invalid eval expression for 'EVAL-first_pkt_sec' in stanza [cisco:estreamer:data]: The expression is malformed. Expected AND.
12-01-2020 10:56:43.574 +0330 WARN CalcFieldProcessor - Invalid eval expression for 'EVAL-first_pkt_sec' in stanza [cisco:estreamer:data]: The expression is malformed. Expected AND.
12-01-2020 11:00:00.002 +0330 INFO ExecProcessor - setting reschedule_ms=3599998, for command=/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_instrumentation/bin/instrumentation.py
12-01-2020 11:00:45.541 +0330 ERROR ExecProcessor - message from "/opt/splunk/etc/apps/TA-eStreamer/bin/splencore.sh clean" find: ‘../../data’: No such file or directory
12-01-2020 11:04:45.710 +0330 WARN LocalAppsAdminHandler - Using deprecated capabilities for write: admin_all_objects or edit_local_apps. See enable_install_apps in limits.conf
12-01-2020 11:09:16.851 +0330 WARN CalcFieldProcessor - Invalid eval expression for 'EVAL-first_pkt_sec' in stanza [cisco:estreamer:data]: The expression is malformed. Expected AND.
12-01-2020 11:09:47.042 +0330 WARN CalcFieldProcessor - Invalid eval expression for 'EVAL-first_pkt_sec' in stanza [cisco:estreamer:data]: The expression is malformed. Expected AND.

estreamer.log

2020-12-01 10:57:47,097 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 10:58:58,905 Monitor INFO Running. 3465700 handled; average rate 1604.32 ev/sec;
2020-12-01 10:59:47,105 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:00:58,856 Monitor INFO Running. 3642600 handled; average rate 1597.5 ev/sec;
2020-12-01 11:01:47,003 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:02:59,543 Monitor INFO Running. 3729700 handled; average rate 1553.92 ev/sec;
2020-12-01 11:03:46,998 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:04:59,259 Monitor INFO Running. 3744100 handled; average rate 1485.59 ev/sec;
2020-12-01 11:05:47,086 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:06:59,648 Monitor INFO Running. 3759600 handled; average rate 1423.95 ev/sec;
2020-12-01 11:07:47,049 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:08:59,299 Monitor INFO Running. 3773900 handled; average rate 1367.29 ev/sec;
2020-12-01 11:09:47,126 Service ERROR [no message or attrs]: PID file already exists
2020-12-01 11:10:59,220 Monitor INFO Running. 3788200 handled; average rate 1315.21 ev/sec;