- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- ActiveMQ JMS connection
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I'm able to make a connection and also pool/browse messages from the queue.
My configuration is very similar to what described here :
http://blogs.splunk.com/2013/04/11/splunking-websphere-mq-queues-and-topics/
from inputs.conf
[jms://queue/:dynamicQueues/TestQ2]
browse_mode = all
browse_queue_only = 1
durable = 0
index_message_header = 1
index_message_properties = 1
init_mode = jndi
jms_connection_factory_name = ConnectionFactory
jndi_initialcontext_factory = org.apache.activemq.jndi.ActiveMQInitialContextFactory
jndi_provider_url = tcp://192.168.1.10:61616
sourcetype = syslog
strip_newlines = 1
browse_frequency = -1
destination_user =
index = main
But I have some strange phenomena :
Let say I have 9 messages in Queue called TestQ2.
When I run source="jms://queue/:dynamicQueues/TestQ2"
I've got 9,890 events .
When I filtered it with
source="jms://queue/:dynamicQueues/TestQ2"|dedup event_id
I got 9 events.
Please assist.
Regards,
Dmitry
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Because you have browse mode enabled. Browsing does not dequeue messages. And you have the frequency at -1 , so essentially it is in a constant browsing state of the same 9 messages.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello ! This post is great !
I need know something, how can i create the?
jms_connection_factory_name & jndi_initialcontext_factory
Any documentation fot this objects?
Regards in advance !
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ActiveMQ have good documentation : http://activemq.apache.org/jndi-support.html
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Because you have browse mode enabled. Browsing does not dequeue messages. And you have the frequency at -1 , so essentially it is in a constant browsing state of the same 9 messages.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you can't consume the message , and you have to use a queue (vs a topic) , then I suggest you use mirrored queues : http://activemq.apache.org/mirrored-queues.html
Then you can turn off browse mode and consume directly from that mirror queue and you'll only get 1 copy of each message indexed in Splunk.
Dequeue = take off the queue
Enqueue = put on the queue
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Damien,
and thank you for an answer.
I understand the point ,but what if I can't consume message ,I need only browse existing messages.
If I understand right this is what you mean when you use dequeue ?
When I change frequency to higher value,I see the same issue,but much slowly.
There are plenty of tools for browse (HermesJMS for example)
but I would like to offer to our client to use Splunk for JMS too.
Regards,
Dmitry
Introducing the 2024 SplunkTrust!
Introducing the 2024 Splunk MVPs!
Splunk Custom Visualizations App End of Life
