HI ,
I have below log files in the /repo/logs directory.
http_access_management_console_2016-04-25.log
http_access_management_console_2016-04-26.log
http_access_management_console_2016-04-27.log
http_access_management_console_2016-04-28.log
http_access_management_console_2016-04-29.log
carbon.log
carbon.log.2016-04-27
carbon.log.2016-04-28
carbon.log.2016-04-29
http_access_management logs were recorded with dates for each day, where as carbon.log is today's log, and old dated logs are older logs.
to monitor http_access logs i am using the below command
./splunk add monitor /repository/logs/http_acce*.log -index hello -sourcetype esb-http-access-logs
and its throwing me the error
Parameters must be in the form `-parameter value`
and for carbon logs to monitor i am using the command
./splunk add monitor /repository/logs/wso2carbon.* -index hello -sourcetype esb-carbon-logs
and its also throwing me same issue.
Parameters must be in the form '-parameter value'
Was trying couple of different formats, nothing was working. Can someone help me on this?
↧