Ive configured a SIEM collector to send generic log tail, but we are not receiveing any logs in the receiver. we checked the debug log and kept seeing this error over and over:
"<131> Oct 03 15:22:54 localhost SIEMCollector ERROR 0 FileTailBookmarkManager::Init Failed to access logs in directory [D:\AS400]: ERROR "
can someone help me to determine the problem? thanks
Can you provide the configuration you are using? What is the file name format of the files in the directory?
You can try unc path vs. D:\AS400 such as \\server\d$\AS400\
Also, can you validate the filemask matches the files in the directory? Can you try *.log if they end in log?
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center