Start monitoring your OpenShift environments in under 10 minutes.url = token = AF420832-F61B-480F-86B3-CCB5D37F7D0DĪll other configurations will be used from the default output output.splunk.Īnd override the outputs for the Pods or Project like collectord.io/output=splunk::prod1. You can specify behavior with the configuration. Some pipelines, like process stats, can be blocked for the whole host with Retry - this configuration keeps retrying.Drop - this configuration drops events with incorrect index.RedirectToDefault - this is the default behavior, which forwards events with an incorrect index to default index of the.Make a misprint in the index name or forget to enable writing capabilities for the token in Splunk.Ĭollector provides configuration how these errors should be handled with configuration incorrectIndexBehavior. When you override indexes with the annotations, it is a very common mistake to HTTP Event Collector rejects payloads with the indexes that specified Token does not allow to write. HTTP Event Collector incorrect index behavior Which is SplunkServerDefaultCert in case of default self-signed certificate.Īfter applying this update we set up trusted SSL connection between collector and HTTP Event Collector. The CA server certificate that collector should trust and identify the name of the server, specified in the certificate, In this configuration, we define the path to # Allow invalid SSL server certificate insecure = false # Path to CA cerificate caPath = /splunk-cacert/cacert.pem # CA Name to verify caName = SplunkServerDefaultCert
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |