Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Gettin Error FileClassifierManager, TailReader, FilesystemChangeWatcher on SPLUNK Universal Forwarder

thatiana_liz
New Member
‎04-30-2020 06:07 PM

Hello,

I am trying to upload a .csv file and I am getting three errors messagen in my internal logs

" -0400 ERROR TailReader - error from
read call from "WARN
FilesystemChangeWatcher - error
getting attributes of path
"D:\Dados\SKY\Compartilhado\TECNOL~1\MONITO~1\TransUnion2Splunk\O0055TRANSUNION_COLETAFINALDESEMANA_30042020.csv":
Access is denied."

" WARN FileClassifierManager - Unable
to open
'D:\Dados\SKY\Compartilhado\TECNOL~1\MONITO~1\TransUnion2Splunk\O0055TRANSUNION_COLETAFINALDESEMANA_TESTE.CSV'"

ERROR TailReader - error from read
call from
'D:\Dados\SKY\Compartilhado\TECNOL~1\MONITO~1\TransUnion2Splunk\O0055TRANSUNION_COLETAFINALDESEMANA_TESTE.CSV'.

And the the file is not uploading into Splunk.

I checked the permision, it's correct.
The SPLUNK UF it's executing System Account

Can you please help me figure out why I am getting this error and my file is not getting indexed?

My inputs.conf

[monitor://D:\Dados\SKY\Compartilhado\TECNOL~1\MONITO~1\TransUnion2Splunk\O0055TRANSUNION_COLETAFINALDESEMANA_*.CSV]
_TCP_ROUTING =  *
index=INDEX
source=INDEXXX:XXX
sourcetype=INDEXXX:XXX
disabled = 0
time_before_close = 60
multiline_event_extra_waittime = true
initCrcLength = 512
0 Karma
Reply

PavelP
Motivator
‎05-01-2020 01:09 AM

Hello @thatiana_liz ,

please check this answer: https://answers.splunk.com/answers/147511/filesystemchangewatcher-error-getting-attributes-of-path.h...

you need not only read permissions for the CSV file, but also "list folder content" permissions for all folders.

Let me know if it worked

0 Karma
Reply
Get Updates on the Splunk Community!

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...