I need to blacklist the logs coming from network device which are having particular string. Please let me know how this can be done?
there a multiple ways to do that, depending on your use case.
hope this helps ...
Props and if needed transforms must be changed
Do we need make this changes in props.conf and transforms.conf even for Splunk 6.0.1? Is editing just in inputs.conf not enough?