Archive

Splunk add-on and app logs

Path Finder

Hi,

I have a setup in which the deployment server pushes the SplunkTANIX add-on, Splunk unix app and JMX add-on to the deployment client, but the data is not flowing in.

1) Which logs should I check? Do the apps/add-ons have a separate log file, or are they included in the splunkd.log?

2) Which terms should I use to filter out the app and add-on logs from the splunkd.log?

Thanks,
Deepak

Tags (1)
0 Karma
1 Solution

Contributor

Are you sending the deployment clients logs back to your indexer(s)?
If so, check the internal index for clues.
`"index=
internal error"` might be a good start.

View solution in original post

0 Karma

Contributor

Are you sending the deployment clients logs back to your indexer(s)?
If so, check the internal index for clues.
`"index=
internal error"` might be a good start.

View solution in original post

0 Karma