My inputs.conf contains:
[monitor:///usr/local/ecc_to_splunk/pickup/*.sp.*]
disabled = false
followTail = 0
host =
host_regex = /usr/local/ecc_to_splunk/pickup/(\w+)
sourcetype = clariion_sp
/usr/local/ecc_to_splunk/pickup contains:
APM00083100781.sp.20101221
APM00083100781.sp.20101222
APM00083100781.sp.20101223
APM00084800327.sp.20101221
APM00084800327.sp.20101222
APM00084800327.sp.20101223
APM00094100281.sp.20101221
APM00094100281.sp.20101222
APM00094100281.sp.20101223
but I'm getting this in splunkd.log:
INFO TailingProcessor - No configurations match, will ignore path='/usr/local/ecc_to_splunk/pickup/APM00084800327.sp.20101221'
It doesn't make a lot of sense as I have an almost identical monitor that's working fine - [monitor:///usr/local/ecc_to_splunk/pickup/*.disk.*]
Thanks in advance.
