All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Netscaler: certain fields are not extracted

BlueTurtleM
New Member
‎01-23-2020 04:38 AM

In the "Top Appliances with App Firewall Violations" panel under the Appliance Overview this graph is not working properly. Graph shows the appliance but groups it under null as the field violation is not present.

This field called "violation" which has not been extracted by the Netscaler app is the issue and there is possibly more fields that are not extracted by the look of things.

Is this something we need to extract ourselves ? If so, if possible, please could the regex be provided. I am using the sourcetype citrix_netscaler_syslog.

Thank you,

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

If you’re unfamiliar, .conf is Splunk’s premier event where the Splunk community, customers, partners, and ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...