All Apps and Add-ons

What fields is the Splunk add-on for NetApp supposed to extract from syslog messages?

hettervik
Builder

Hi. The Splunk add-on for NetApp uses a transform to try to extract three fields from syslog; Thread, Event, and Message. The transform is not correct with the syslog I'm receiving, so I'll have to edit the regex manually. When I look at the NetApp documentation I can find no reference to the fields Thread and Event. Rather to me it looks like the extracted fields should be something like Identifier, Severity and Message.

Have a look at the NetApp documentation here: https://library.netapp.com/ecm/ecm_get_file/ecmlp2776519

Can someone explain to me what the three fields Thread, Event and Message should be?

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...