Re: Environment variable used in search

fresned · ‎07-29-2011

How do you set up an Environment variable to be used as part of the path for your data?
I set an environment variable on the system and when I try and use the environment variable I receive an error. The error is :Encountered the following error while trying to save :in handler: machine name: Parameter name : Path must be absolute. The default datasources splunk uses have a set Environment variable as part of there location: $SPLUNK_HOME/etc/splunk.version. Any assistance would be great.

fresned · ‎07-29-2011

Yes where and how is $SPLUNK_HOME defined. I'm trying to define a value $FOO. in the bash shell i have defined export FOO='/opt/test/test1/' I can echo $FOO and get /opt/test/test1/. but splunk returns the error in handler: machine name: Parameter name : Path must be absolute

mw · ‎07-29-2011

Try setting your variable in $SPLUNK_HOME/etc/splunk-launch.conf and restarting. That may do it.

mw · ‎07-29-2011

Do you mean within the context of an input?

# inputs.conf
[monitor://$SPLUNK_HOME/etc/apps/cisco/logs/cisco_firewall.log]

Environment variable used in search

New Year, New Changes for Splunk Certifications

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

Join the Conversation

Environment variable used in search

New Year, New Changes for Splunk Certifications

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...