Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Updating eventgen.conf requires a Splunk restart

newportknight
Loves-to-Learn
‎01-23-2020 03:38 AM

Hi,

I am playing around with SA-Eventgen to generate data in a Dev environment but I find if I make a change to the eventgen.conf file I have to restart Splunk for it to take effect. (All I am doing is changing the date/time format)

Is there any other way to to make the change effective without having to carry out a restart? I have tried disabling and re-enabling via the Data input and also disabling and re-enabling the app itself but neither have the desired outcome.

Appreciate any help.

Cheers.

Paul.

Tags (1)
0 Karma
Reply

newportknight
Loves-to-Learn
‎01-23-2020 05:31 AM

Hi,

Thanks for replying.

I've tried using the URL suggested but it doesn't appear to have any effect.
There are no errors showing when I carry out a search using index="_internal" sourcetype="eventgen*"

Cheers.

Paul.

0 Karma
Reply

kamlesh_vaghela
SplunkTrust
SplunkTrust
‎01-23-2020 04:47 AM

@newportknight

Is that any Errors in eventgen logs? Please execute below search for the eventgen log if you can found anything helpful.

index="_internal" sourcetype="eventgen*"
0 Karma
Reply

zahrasidhpuri
Engager
‎01-23-2020 04:35 AM

Hey Paul,
You can try doing this: http[s]://[splunkweb hostname]:[splunkweb port]/debug/refresh

0 Karma
Reply
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...