Hi Team, Is there any way to determine the Operating system language before we ingest the logs in Splunk?
After ingesting the logs, will correlations work on servers with operating system languages other than English ?
Any alternate option to convert the language into English and get the output in the search head
You could create scripted inputs that somehow determine the OS language and then translate the data it reads before it is indexed by Splunk.
If the set of non-English fields is know and small enough then you could use INGEST_EVAL or FIELDALIAS settings to map them to equivalent English fields.