All Apps and Add-ons

What fields is the Splunk add-on for NetApp supposed to extract from syslog messages?

hettervi
Builder

Hi. The Splunk add-on for NetApp uses a transform to try to extract three fields from syslog; Thread, Event, and Message. The transform is not correct with the syslog I'm receiving, so I'll have to edit the regex manually. When I look at the NetApp documentation I can find no reference to the fields Thread and Event. Rather to me it looks like the extracted fields should be something like Identifier, Severity and Message.

Have a look at the NetApp documentation here: https://library.netapp.com/ecm/ecm_get_file/ecmlp2776519

Can someone explain to me what the three fields Thread, Event and Message should be?

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.