Solved: Inputs not working

jgorman_THG · ‎08-21-2018

Hi,

I have the following input setup and it won't work. I cannot figure out what is wrong with it.

Any ideas?

Thanks,

JG

[monitor:///C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]
whitelist = *192.15.0.2*.txt|
host_regex=-(.*)-\d\d\d\d-\d\d-\d\d.txt 
sourcetype = meraki
index = Meraki
# ignoreOlderThan = 30d
disabled = false

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

View solution in original post

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

horsefez · ‎08-22-2018

@jgorman_THG were you able to fix the problem?

jgorman_THG · ‎08-22-2018

Yup! that fixed it! I know it was something silly and small like that.

Inputs not working

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join the Conversation

Inputs not working

Unlock Database Monitoring with Splunk Observability Cloud

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk