- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: Is anyone using this Websphere application?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Is anyone using this application? I see several downloads, but 0 stars for a ranking, just trying to get input if this is working, it appears to be a great application? I would like some feedback. Thank you!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Our team is using it. I'm looking through the configs at the moment and it seems there are a lot of problems in the props.conf. They say you can use this on both search head / indexers. Some of the extractions are search time without a transform (EXTRACT-) and some are suppose to be index time (TRANSFORM-) only TRANSFORM should in fact be TRANSFORMS- (note the 's').
I'm considering separating the search time vs. index time extractions into two separate apps.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I installed this app about a year or so now and have a new internal request to ingest WebSphere logs into Splunk. Since the dashboards are still using Advanced XML rather than Simple I was debating trying to just create my own TA rather than install the app.
Have either of you done this approach already? I'd be interested in learning from your knowledge in how you accomplished this since hte last time I did this I use the createInputs.jar file to ingest the logs whereas now the customer wants the logs from the individual hosts which I'd like better since the createInputs method only pulled the hostnames from the originating system.
Thanks in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I still have the default app installed, with my own modifications as indicated above. The syntax of the word TRANSFORMS was wrong. I haven't really touched the app since the app would be for a different team - i've just installed it and modified props.conf.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Our team is using it. I'm looking through the configs at the moment and it seems there are a lot of problems in the props.conf. They say you can use this on both search head / indexers. Some of the extractions are search time without a transform (EXTRACT-) and some are suppose to be index time (TRANSFORM-) only TRANSFORM should in fact be TRANSFORMS- (note the 's').
I'm considering separating the search time vs. index time extractions into two separate apps.
.conf24 | Registration Open!
ICYMI - Check out the latest releases of Splunk Edge Processor
Introducing the 2024 SplunkTrust!
