Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Host name can not be change

msona
Explorer
‎02-18-2011 11:12 AM

Hi all,

I am new to splunk, I want a directory name as Host name my directory structure is as follows:

C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/AB/abcd/log1.csv
C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/FS/kfcd/log1.csv
C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/AVD/gbd/log1.csv

I want different host name like directory names AB FS AVD

input.conf:
[monitor:C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/]
host_segment =7

By above configuration I am getting host name as default name of my computer. Is my settings are correct ? Where I am wrong ?

Your help will be appreciated.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

rotten
Communicator
‎02-18-2011 03:20 PM

The only time we've used host_segment, the segment name is in the monitor stanza (rather than after it somewhere), and it has worked well for us.

ie:

Instead of -

C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs

Try something like -

C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/.../.../*

I have no idea if that will help, but it is worth a try until someone with a more definitive answer can chime in...

View solution in original post

0 Karma
Reply
Solved! Jump to solution

msona
Explorer
‎02-21-2011 02:42 AM

it is inputs.conf sorry for spell mistake.

0 Karma
Reply
Solved! Jump to solution
Solution

rotten
Communicator
‎02-18-2011 03:20 PM

The only time we've used host_segment, the segment name is in the monitor stanza (rather than after it somewhere), and it has worked well for us.

ie:

Instead of -

C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs

Try something like -

C:/Program Files/Splunk/etc/apps/ntt_tougou/tougou_logs/.../.../*

I have no idea if that will help, but it is worth a try until someone with a more definitive answer can chime in...

0 Karma
Reply
Solved! Jump to solution

msona
Explorer
‎02-21-2011 06:14 AM

Thank you very much for the help....
Its working..!!!!

0 Karma
Reply
Solved! Jump to solution

Rob
Splunk Employee
Splunk Employee
‎02-18-2011 12:36 PM

Is your file named 'input.conf' or 'inputs.conf'?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...