Hi @cmutt78_2
https://yoursplunkinstance/en-US/manager/search/data/inputs/TA-Akamai_SIEM ?
You should see an empty table with a green "Add" button at the top right, something like this:
The other thing you could try is running:
/opt/splunk/bin/splunk cmd splunkd print-modinput-config TA-Akamai_SIEM TA-Akamai_SIEMThis will trigger the same process as when the input is loaded by Splunk - check for any errors output here, you should end up with something that looks a bit like this:
<?xml version="1.0" encoding="UTF-8"?>
<input>
<server_host>macdev</server_host>
<server_uri>https://127.0.0.1:8089</server_uri>
<session_key>sVNwheYXxxx0QNqfj_xePWwhxVbraZc6pS4FNyHQzVe2KRgv7s6tjKrZg660zYhotfG0_W62rm0UA01XkVqBX4dNUls5pA7dWyjXMRUltbsjtsA</session_key>
<checkpoint_dir>/opt/splunk/var/lib/splunk/modinputs/TA-Akamai_SIEM</checkpoint_dir>
<configuration/>
</input>🌟 Did this answer help you? If so, please consider:
- Adding karma to show it was useful
- Marking it as the solution if it resolved your issue
- Commenting if you need any clarification
Your feedback encourages the volunteers in this community to continue contributing
Not there and no additional pages to navigate
Were you able to see the data input after restarting the Splunk services, or is it still missing?
My Akamai Data input:-
Where did you install the Akamai add-on, on the Heavy Forwarder (HF)? If it's on the HF, does it have a valid license? Some features require a license, which aren't available with the Free license.
For a heavy forwarder (HF), you should set up one of the following options:
1) Make the HF a slave of a license master. This will give the HF all of the enterprise capabilities - and the HF will consume no license, as long as it does not index data.
2) Install the forwarder license. This will give the HF many enterprise capabilities, but not all. The HF will be able to parse and forward data. However, it will not be permitted to index and it will not be able to act as a deployment server (as an example). This is the option I would usually choose.
