All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Add-on for Microsoft Cloud Services, splunk is not able to read .gz blob files, how do I fix this?

Log_wrangler
Builder
‎07-20-2018 08:02 AM

I am using Splunk Add-on for Microsoft Cloud Services to ingest .gz log files from blob storage.

When I look in the index for these logs.gz, all I see is garble. The source indicates .gz, but I don't understand why Splunk cannot unzip and read it.

Here is a sample...

�Y�Q[��MK�@����%��k6�����    I{YD�x��R��L�����0�3sN��0<���&�R�Tf��B����ZICB�Tt�a�̛۪X��.�6ܶ���n���Pn�����u<��ٿ������ܺ+�k��<ɕ��'���C�"��M]U����0�� �0�A�O��P��y��N  bLNM&;�H.����f���f��!�S�F�B}x|3�>��a�k$3;��[`v�!7gg�ah�����"�o�)!��z<[��,��S�0ة�|����
-�s�


source = logs/20180720-11_0.gz

Please advise.

Thank you

Reply
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!