Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Why is my index list not complete for Data Input Files and Directories?

kent_farries
Path Finder
‎11-11-2014 10:55 AM

When trying to pick my index from the list in Data Input Files & Directories it does not show. For some reason it only goes to session_start and all the indexes after that do not show. If I use the UDP input they all show up.

Splunk 6.2 on Windows Server 2012 R2
Google Chrome 38.x
IE 11

I don't know if this has anything to do with the above but Splunk stopped indexing my files in a directory called Varonis. When I created a new index index called abcd it worked fine.

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

kent_farries
Path Finder
‎11-11-2014 11:11 AM

Thanks, I checked and it does exist

I managed to find a work around as maybe this is a bug in the 6.2 GUI.

Data Input, Files & Directories

  1. Point to an empty folder

  2. Use the default data index instead of trying to select one since it will not got past the letter s in my case.

  3. After the Data Input is created go back in and change the index from default to the one I want which did not show above. Yes this works just fine.

  4. Add files to the folder. Did not want to do this before since it would start indexing the files into main.

Take care.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

kent_farries
Path Finder
‎11-11-2014 11:11 AM

Thanks, I checked and it does exist

I managed to find a work around as maybe this is a bug in the 6.2 GUI.

Data Input, Files & Directories

  1. Point to an empty folder

  2. Use the default data index instead of trying to select one since it will not got past the letter s in my case.

  3. After the Data Input is created go back in and change the index from default to the one I want which did not show above. Yes this works just fine.

  4. Add files to the folder. Did not want to do this before since it would start indexing the files into main.

Take care.

0 Karma
Reply
Solved! Jump to solution

Raghav2384
Motivator
‎11-11-2014 11:03 AM

Use this too see if the index you are referring to exists:
|REST /services/data/indexes|dedup title|table title. Also check the inside db/to see if the index is listed.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...