File Monitor configured - but nothing is indexing ? here is my inputs.conf [monitor://C:\xxxx\xxxxxx\xxxxxxx\xxxxx.docx] [monitor://C:\xxxxx\xxxxxxx\xxxxxx.docx] disabled = 0 index=file...
Hi All,
I want to monitor files which keeps changing the filename according to the current date falling under respective month and year directory. Can anyone please help me out how can we monitor t...
Hello all, I have what is probably a pretty basic question about configurationfiles. I know the precedence goes like this: 1. System local directory -- highest priority 2. A...
Hello. I'm trying to view Splunk configuration, but getting a very odd error:
splunk@test1:/> /opt/splunk/bin/splunk show config authentication Splunk username: admin Password: Can't create d...
...ocation is restricted to a subset of the otherwise generally available set of conf directories, as listed in this topic:
http://www.splunk.com/base/Documentation/latest/Admin/Wheretofindtheconfigurationfiles
I have hundreds of logs in my directory. I need the entire data from each log to be represented as one event. May I know what settings I should use in props.conf to represent each log file as an s...
After upgrading from Splunk Enterprise 6.4.3 to 6.5.0, the ldapsearch in Splunk Supporting Add-on for Active Directory (2.1.3) is now getting the error - "SSL configuration issue: invalid CA public k...
Hi,
I need to monitor two catalina logfiles that are in the same directory, but have different formats (and sourcetypes).
The naming convention is ../catalina.YYYY-MM-DD.log and catalina.out.Y...