Solved: Re: creation of new index through ds not working

spyme72 · ‎10-31-2013

i created a new index by creating a new TA app.
i added the indexes.conf to the default folder . when i pushed the configuration the index is not getting created.
getting the following error
Search peer stluspkidxdev02 has the following message: received event for unconfigured/disabled/deleted index='windows' with source='source::WinEventLog:Application' host='host::stlwexchcast01' sourcetype='sourcetype::WinEventLog:Application' (2 missing total)
x

lguinn2 · ‎11-01-2013

The error message is indicating that the index is not available.

Did you restart the indexer after installing the new TA app? Indexes do not become available until after the indexer is restarted, unless the index was created via the Splunk GUI.

You can restart splunkd using the deployment server, or you can manually restart the indexer(s).

View solution in original post

lguinn2 · ‎11-01-2013

The error message is indicating that the index is not available.

Did you restart the indexer after installing the new TA app? Indexes do not become available until after the indexer is restarted, unless the index was created via the Splunk GUI.

You can restart splunkd using the deployment server, or you can manually restart the indexer(s).

creation of new index through ds not working

Modern way of developing distributed application using OTel

Enterprise Security Content Update (ESCU) | New Releases

Archived Metrics Now Available for APAC and EMEA realms