So I've read the docs on how to properly format a monitor stanza in Windows.. and am trying to monitor a dir full of csv files. Here's the stanza:

# Windows Log Processor
[monitor://C:\Users\user\Desktop\ICTExports\*.csv]
disabled = false
crcSalt = <SOURCE>
ignoreOlderThan = 2d
index = it_app_ict
sourcetype = csv

 I added the crcSalt bit because without it the files in the monitor directory were generating the seekptr errors since the first few lines in all the files are identical.

And here's the error in splunkd.log:

10-05-2022 10:25:25.768 -0500 INFO  TailingProcessor [3624 MainTailingThread] - Parsing configuration stanza: monitor://C:\Users\user\Desktop\ICTExports\*.csv.
10-05-2022 10:25:25.768 -0500 INFO  TailReader [3624 MainTailingThread] - State transitioning from 1 to 0 (initOrResume).
10-05-2022 10:25:25.768 -0500 INFO  TailReader [3624 MainTailingThread] - State transitioning from 1 to 0 (initOrResume).
10-05-2022 10:25:25.768 -0500 INFO  TailingProcessor [3624 MainTailingThread] - Adding watch on path: C:\Users\user\Desktop\ICTExports.

So it's been ~5 minutes since I last restarted the service and there's no further mention of the monitor path nor any of the .csv's within it. There is one file that falls within the 2d period so Im expecting it to be read.

What can I do?

Thanks!