I don't know if it is possible get this setup. I should load into Splunk a log file with lots of events, but I am not able to set up the timestamp in the right way. In the filename, I can seen the date and in the events the time as following:
Basically you need the processing of point 4 from above link. An untested suggestion would to set the TIME_FORMAT to a value which is not present in the event and let Splunk identify the date from file name and time from event.
And this works with the time, Splunk identify the time but not the date, and as you said, the documentations says:
"4. If no events in a source have a date, Splunk Enterprise tries to find a date in the source name or file name. Time of day is not identified in filenames. (This requires that the events have a time, even though they don't have a date.) "
So, this should be working but it does not, any suggestion?