Solved: Inputs not working

jgorman_THG · ‎08-21-2018

Hi,

I have the following input setup and it won't work. I cannot figure out what is wrong with it.

Any ideas?

Thanks,

JG

[monitor:///C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]
whitelist = *192.15.0.2*.txt|
host_regex=-(.*)-\d\d\d\d-\d\d-\d\d.txt 
sourcetype = meraki
index = Meraki
# ignoreOlderThan = 30d
disabled = false

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

View solution in original post

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

horsefez · ‎08-22-2018

@jgorman_THG were you able to fix the problem?

jgorman_THG · ‎08-22-2018

Yup! that fixed it! I know it was something silly and small like that.

Inputs not working

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms