https://community.splunk.com/t5/Getting-Data-In/CEF-Format-parsing/m-p/576555#M101874 <P>There are several apps for that. Most popular being <A href="https://splunkbase.splunk.com/app/487/" target="_blank">https://splunkbase.splunk.com/app/487/</A></P> Mon, 29 Nov 2021 06:24:40 GMT PickleRick 2021-11-29T06:24:40Z https://community.splunk.com/t5/Getting-Data-In/CEF-Format-parsing/m-p/576554#M101873 <DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class=""><DIV class="">&nbsp;</DIV><DIV class="">We have logs coming in from one of the source in CEF format. How to deal CEF Format data parsing in Splunk so that it get auto converted in field value pair.</DIV><DIV class="">Post that i could alias those fields basis on my datamodel need.</DIV><DIV class="">Kindly suggest. Thanks in advance</DIV></DIV></DIV></DIV></DIV></DIV></DIV></DIV><DIV class=""><DIV class="">&nbsp;</DIV></DIV> Mon, 29 Nov 2021 04:45:46 GMT https://community.splunk.com/t5/Getting-Data-In/CEF-Format-parsing/m-p/576554#M101873 pavanbmishra 2021-11-29T04:45:46Z https://community.splunk.com/t5/Getting-Data-In/CEF-Format-parsing/m-p/576555#M101874 <P>There are several apps for that. Most popular being <A href="https://splunkbase.splunk.com/app/487/" target="_blank">https://splunkbase.splunk.com/app/487/</A></P> Mon, 29 Nov 2021 06:24:40 GMT https://community.splunk.com/t5/Getting-Data-In/CEF-Format-parsing/m-p/576555#M101874 PickleRick 2021-11-29T06:24:40Z