Solved: Inputs not working

jgorman_THG · ‎08-21-2018

Hi,

I have the following input setup and it won't work. I cannot figure out what is wrong with it.

Any ideas?

Thanks,

JG

[monitor:///C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]
whitelist = *192.15.0.2*.txt|
host_regex=-(.*)-\d\d\d\d-\d\d-\d\d.txt 
sourcetype = meraki
index = Meraki
# ignoreOlderThan = 30d
disabled = false

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

View solution in original post

horsefez · ‎08-21-2018

@jgorman_THG,
the problem could be that you use three / slashes in the monitor stanza.

Try this
[monitor://C:\Program Files (x86)\Syslogd\Logs\SyslogCatchAll-192.15.0.2-2018-08-08.txt]

Also... have you restarted splunk after configuring this?

horsefez · ‎08-22-2018

@jgorman_THG were you able to fix the problem?

jgorman_THG · ‎08-22-2018

Yup! that fixed it! I know it was something silly and small like that.

Inputs not working

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

Detect and Resolve Issues in a Kubernetes Environment