Splunk_stream_app_location = stream_forwarder_id = Here are my current config files for directory /opt/splunk/etc/apps/Splunk_TA_stream/local# Invalid key in stanza in /opt/splunk/etc/apps/Splunk_TA_stream/local/nf, line 4: dedicatedCaptureMode (value: 1). I'm currently testing dedicated capture mode on Ubuntu instead of RHEL/CentOS. Why am I getting the following error message when running dedicated capture mode for Splunk stream? Followed the instructions outlined here. Other HEC-Endpoints on the HF are working fine. We aren't getting any info regarding the HEC-Endpoint in the internal logs. Maybe that's the problem? (as described here: ) We opened to the CIDR-Blocks as described here: We confirmed that the HEC-Endpoint is working via curl. Make sure HEC endpoint is reachable from Firehose and it is healthy."* *"Destination: - Failed to deliver data to Splunk or to receive acknowledgment. It's not working currently, we're getting the error:
We're trying to get cloudwatchlogs via Kinesis Firehose to a heavy forwarder in a VPC.
0 kommentar(er)
