All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why can I not see all events from zoom?

okumar1
Engager
‎03-10-2022 09:26 PM

Hi All

 

I can not able to see events from zoom, however when i search in _internal index I can see count of events showing from soure=zoom_input.log.

Please help me, i have set up the integration as per given in splunk doc and my input port 9997 is listining too.

 

 

 

 

0 Karma
Reply

SanjayReddy
SplunkTrust
SplunkTrust
‎03-10-2022 09:47 PM

Hi @okumar1 

It seems you have confiured inputs.conf  with internal index name ,

ideally _internal need to contains only Splunk logs which are related to Splunk application.

can you check your inputs.conf on UF/where zoom logs are generating 

ideally it should present under $SPLUNK_HOME/etc/system/local


if you are not sure about the inputs.conf location run follwing command from $SPLUNK_HOME/bin

./splunk btool inputs list <mention sourcetypeof zoom> --debug


inptus.conf 

chck the index the name mentioned for zoom_input.log 

and update the correct index name other than _internal and restart the splunkd 


exmaple inputs.conf 

[monitor:///zoom_input.log]
sourcetype = access_common
Index=<update for correct index name>

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...