I am very aware of the configurations needed to route data certain indexes/null queue based on their content, however there is no command line access to Splunk Cloud. Is there a way of creating this kind of transform via the UI?
Currently there is not, this needs to be done by opening a ticket with Support and provide them with the configuration to install.
View solution in original post
Hello -- this last comment is from 2016. I am wondering if it is still the same answer. We are on 7.3.3 Splunk Cloud.
never-displayed
