Re: Logs not extracting

usmsplunksme · ‎06-01-2020

Hi all,
any assistance with this app would be grateful. I managed to connect to our LA workspace and receive logs in splunk, but none of the logs have any extractions.

any assistance would be appreciated.

edhealea · ‎08-02-2021

I couldn't find any thing published for this so I had to create a field extraction for each individual query that we implemented. It took a few tries on each one. Just when I thought I had it, MS would through a new format in the query but they have been pretty stable lately. They are not the prettiest regexes but they are working for us.

grout · ‎07-31-2021

I am facing the same issue with the kusto graber and its not able to parse the json format

edhealea · ‎09-01-2020

Did you ever make any head way with this? I am having the same issue with pulling in log analytics events from Azure using the Grabber.

02sangeet · ‎09-22-2021

Could you please help us, giving some idea about the extraction you used to solve this issue. I am also facing the same issue here, though we are able to fetch some data from MS Azure log analytics but data shows only header part.

Logs not extracting

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Event Series: Telemetry Pipeline Management

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

Join the Conversation