Patrick,
Further testing yields to a positive result. Script behaves
flawlessly, Splunk won't show new events immediately, but will
eventually index and display them (probably because it's a very low
traffic MX server).
Thanks Mark for the great work.
regards,
Patrick PRONIEWSKI
If it's a low-traffic server, turn on autoflush in the perl
program (add a line: $| = 1; somewhere near the beginning).
This way it will write each line immediately to stdout,
instead of buffering the output:
--- logfeeder-redis2stdout.pl~ 2014-05-08 17:47:13.898140766 +0200
+++ logfeeder-redis2stdout.pl 2014-10-06 15:38:09.852551962 +0200
@@ -16,2 +16,3 @@
+$| = 1;
binmode(STDOUT,':bytes') or die "Can't set STDOUT to bytes mode: $!";
Mark
