Hi,
Today I've added a new integration "Custom Windows Event Logs" but with a custom Dataset name. Sadly I've made a mistake and put some capitalisation in it (winlog.TerminalServices) and the integration didn't go well.
I've recreated it from scratch with a new dataset name (winlog.tse) and this time it goes well.
But now when trying to create the same integration in another agent policy, despite selecting the good dataset (winlog.tse) I get an error related to the previously mistakenly created dataset.
Error installing winlog 2.1.0: invalid_index_template_exception Root causes: invalid_index_template_exception: index_template [logs-winlog.TerminalServices@package] invalid, cause [Validation Failed: 1: name must be lower cased;]
From the name "winlog.TerminalServices@package" it seems to be a component template but I can't find it (from Stack Management or the Dev Tools Console). It is expected as it was not created because of the wrong name.
And even when I try to update the integration, I encounter the same error. That's weird!
I did a full rolling restart of my cluster but it's not better.
Bonus question please :
Why is there so many dataset with the same name appearing in this list?
Thanks a lot for your help!
Regards.