Solved: Re: How do you btool inputs.conf?

Mohsin123 · ‎09-26-2017

hi,
can you please tell me what is the right way to btool inputs.conf for a specific app context. I want to troubleshoot this error that is too much in my splunk search head messages notification : Received index from dleeted/missing/unconfigured indexes. I read previous blogs: it says your inputs.conf is sending data to an indx that doesnt exist

sbbadri · ‎09-26-2017

@shraddhamuduli

Login to the UF which you have got that error message and execute below command,

$SPLUNK_HOME$/bin/splunk btool inputs list --debug

Then find the stanza.

Below are the links which will be helpful to you,

https://www.splunk.com/blog/2012/10/02/tips-and-tricks-for-the-new-guy.html
https://docs.splunk.com/Documentation/Splunk/6.6.3/Troubleshooting/Usebtooltotroubleshootconfigurati...

View solution in original post

sbbadri · ‎09-26-2017

@shraddhamuduli

Login to the UF which you have got that error message and execute below command,

$SPLUNK_HOME$/bin/splunk btool inputs list --debug

Then find the stanza.

Below are the links which will be helpful to you,

https://www.splunk.com/blog/2012/10/02/tips-and-tricks-for-the-new-guy.html
https://docs.splunk.com/Documentation/Splunk/6.6.3/Troubleshooting/Usebtooltotroubleshootconfigurati...

Mohsin123 · ‎09-26-2017

thanks . by uf , do u mean this path in our deployment server right ?
/opt/splunk/etc/deployment-apps/

sbbadri · ‎09-26-2017

I meant Universal Forwarder. /opt/splunk/splunkuniversalforwarder/bin

How do you btool inputs.conf?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Are you a member of the Splunk Community?

How do you btool inputs.conf?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases