Solved: Event Breaking Catastrophe!

markhvesta · ‎10-25-2019

Line Breaking is not functioning correctly for an XML source type.

We want to break between these two elements </result> <result expand

Here is the most recent config:
SHOULD_LINEMERGE=false
LINE_BREAKER=<result\sexpand
BREAK_ONLY_BEFORE=<result\sexpand
BREAK_ONLY_BEFORE_DATE=false
MUST_BREAK_AFTER=\/results>

Does this need to be applied to the indexers or in the props.conf on the forwarder? And if just the forwarder, just on the application/local or also in the system/local?

woodcock · ‎10-25-2019

Never use the BREAK_* options; always use LINE_BREAKER like this (you must have a capture group😞

props.conf (on your Indexers/HFs):

SHOULD_LINEMERGE = false
LINE_BREAKER = <\/result>([\r\n\s]*)<result\s+expand

View solution in original post

woodcock · ‎10-25-2019

Never use the BREAK_* options; always use LINE_BREAKER like this (you must have a capture group😞

props.conf (on your Indexers/HFs):

SHOULD_LINEMERGE = false
LINE_BREAKER = <\/result>([\r\n\s]*)<result\s+expand

Event Breaking Catastrophe!

props.conf (on your Indexers/HFs):

props.conf (on your Indexers/HFs):

Data Management Digest – December 2025

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Join the Conversation

Event Breaking Catastrophe!

props.conf (on your Indexers/HFs):

props.conf (on your Indexers/HFs):

Data Management Digest – December 2025

Index This | What is broken 80% of the time by February?

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...