Well, that was worth a shot, fixed a couple of the db's, but one didn't like it. at com.mysql.jdbc.ExportControlled.transformSocketToSSLSocket(ExportControlled.java:186) ~[mysql-connector-java-8.0.27.jar:5.1.46] ... 37 more [<NewerDB_1>-Scheduler-1] 31 Jan 2024 13:31:55,299 INFO DBCollectorAgentMonitorDelegate - Stopping DB collector agent 'NewerDB''s delegate... [Thread-172] 31 Jan 2024 13:31:55,313 INFO ADBCollector - DB collector [NewerDB] shut down! [Thread-174] 31 Jan 2024 13:31:55,316 INFO ADBAvailabilityCollector - DB Availability Metrics collector [NewerDB] shut down! [Thread-173] 31 Jan 2024 13:31:55,318 INFO ADBCollector - DB collector [NewerDB_1] shut down! [Thread-178] 31 Jan 2024 13:31:55,319 INFO ADBAvailabilityCollector - DB Availability Metrics collector [NewerDB_1] shut down! [<NewerDB>-Scheduler-4] 31 Jan 2024 13:31:55,323 INFO DBCollectorAgentMonitorDelegate - DB collector agent monitor delegate [NewerDB] shut down! [<NewerDB>-Scheduler-4] 31 Jan 2024 13:31:55,323 INFO DBAgentMonitor - DBAgentMonitor stopped I'm guessing that I somehow have to register a new agent that uses  mysql-connector-java-5.1.49.jar and point the old db's to that collector. That is, I need a second MySQL "Database Type" with a separate Agent so that the old db's will have a collector will uses the 5.1 jar and the new db's continue to use the Default MySQL collector which uses the 8.0 jar file. 

See the Masa diagrams - https://community.splunk.com/t5/Getting-Data-In/Diagrams-of-how-indexing-works-in-the-Splunk-platform-the-Masa/m-p/590774 Timestamp extraction is one of the very first steps in event processing. So even if you later decide to drop (send to nullQueue) some events, that will be done way later in the pipeline.

Yeah I tried out the LINE_BREAKER provided above but didn't seem to have any luck. No matter what I have tried I haven't been able to get it working as hoped. I think you're right in that the layout as is is just bad so I'm going to go back to the drawing board and try to change how the logs are formatted prior to hitting Splunk. 

Hello @PickleRick  for your insight, yes that's exactly what I am saying, the new nodes cany get license from the new cluster manager because  its clashing with the old terminated/obsoleted aws instance.  How do I resolve this please?

Hi @Geoff.Wild, So I'm doing my best to parse info from existing tickets. Here is some other info I found. Please use the hostname and port field and verify the behavior. (You can edit the collector config and use the hostname/port fields) (the info below most likely references older versions of agents) Replaced MySQL JDBC driver in  <db-agent>/lib  with 5.1.49v and renamed it as  mysql-connector-java-8.0.28.jar Restarted the DB Agent and the data started reporting for the problematic collectors I hope this helps lead you to try some new things.  

Sorry I am bit lost here, how can I run the command if I don't use addcoltotals please? Without addcoltotals labelfield="Total Delivered" the field Total Delivered will not exists to do count by. And if I add the command addcoltotals labelfield="Total Delivered" to your suggestion, it defeats the purpose, unless I am thick which I very well can be!

Well, I tried the solution above, replaced mysql-connector-java-8.0.27.jar with an older version, mysql-connector-java-5.1.49.jar which I got from https://downloads.mysql.com/archives/get/p/3/file/mysql-connector-java-5.1.46.tar.gz  This broke the other Mysql db collectors and didn't fix the one I was trying to. So I reverted my change. The error message for them was: java.sql.SQLException: No suitable driver found for jdbc:mysql://myhost.mydomain:3306/

Hi @Amit.Bisht, I searched for your error and found a few existing posts that mention it. Please take a look and see if you can find a solution or a lead in them. https://community.appdynamics.com/t5/forums/searchpage/tab/message?filter=location&q=%22Result:%20401%20Unauthorized%20-%20content:%22&noSynonym=false&inactive=false&advanced=true&location=category:Discussions&sort_by=topicPostDate&collapse_discussion=true&search_type=thread