Splunk not ingesting opencanary.log

extremepaperclip commented 11 months ago

Discussed in https://github.com/thinkst/opencanary/discussions/317

^{Originally posted by **extremepaperclip** October 22, 2023} Has anyone else experienced this? Splunk is not ingesting the opencanary.log. I set up the monitor via inputs.conf (and I can successfully ingest if I run "tail -n 1 opencanary.log > test.log" Splunk ingests the test.log just fine). I have a support ticket open with Splunk Support, and so far they cannot figure this out as well. If anyone has experienced this and solved the issue - please let me know what the fix was. Thanks!! I love this project! ExtremePaperClip

github-actions[bot] commented 11 months ago

This issue is stale because it has been open for 14 days with no activity.

github-actions[bot] commented 10 months ago

This issue was closed because it has been inactive for 14 days since being marked as stale.

thinkst / opencanary

Splunk not ingesting opencanary.log #318

Discussed in https://github.com/thinkst/opencanary/discussions/317