Eventgen: Unable to generate multiple output files...

conaku · ‎11-19-2019

I want to generate multiple output files with defined size using the "fileMaxBytes" and "fileBackupFiles" parameters but these parameters are not working for me. Please suggest.
Here is the configuration file that I have developed:

[global]
generatorWorkers = 10
threading = process
#threading = thread


[wls_day-01_1v.sample]
mode=sample
sampleDir = /root/ashish/cybersecurity/splunk_eventgen/eventgen/lanl_datagen
sampletype = csv
hourOfDayRate = { "0": 0.30, "1": 0.10, "2": 0.05, "3": 0.10, "4": 0.15, "5": 0.25, "6": 0.35, "7": 0.50, "8": 0.60, "9": 0.65, "10": 0.70, "11": 0.75, "12": 0.77, "13": 0.80, "14": 0.82, "15": 0.85, "16": 0.87, "17": 0.90, "18": 0.95, "19": 1.0, "20": 0.85, "21": 0.70, "22": 0.60, "23": 0.45 }
dayOfWeekRate = { "0": 0.55, "1": 0.97, "2": 0.95, "3": 0.90, "4": 0.97, "5": 1.0, "6": 0.99 }
randomizeCount = 0.2

interval = 3
#earliest = -1s
#latest = now

outputMode = file
fileName = /nvme_data5/Event1V.log
fileMaxBytes = 10485760
fileBackupFiles = 5
count = 1000

token.0.token = \d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2},
token.0.replacementType = timestamp
token.0.replacement = %m/%d/%Y %H:%M:%S,

token.1.token = (12345)
token.1.replacementType = integerid
token.1.replacement = 1000

token.2.token = (4688)
token.2.replacementType = file
token.2.replacement = /root/ashish/cybersecurity/splunk_eventgen/eventgen/lanl_datagen/eventId.sample

Eventgen: Unable to generate multiple output files with defined size

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!