Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to index HTML files?

sergeyvinnik
Explorer
‎06-25-2014 11:55 AM

I have source log files with HTML formatting. After indexing I get 12000 lines in one record.
I need to remove HTML mark-ups to index every particular line in the log file.
Can I do it in Splunk?
What source type should I use?

Tags (3)
Reply

LukeMurphey
Champion
‎07-09-2014 11:06 PM

There is an app called Website Input that was designed to pull information from websites. That might handle your case if the HTML files are accessible via an HTTP server.

Reply

sergeyvinnik
Explorer
‎06-25-2014 03:59 PM

Can I use TRANSFORM with following REGEX?

/<[a-zA-Z_/=]*>/ /g

It should replace all tags like .. by spaces

0 Karma
Reply

edschembor
Path Finder
‎06-26-2014 11:48 AM

Remember tho that this transformation will have to occur everytime you run the query. It would be much more efficient to create script to pre-process and just do it once

0 Karma
Reply

chanfoli
Builder
‎06-25-2014 02:20 PM

If I understand correctly, you want to strip HTML tags from an input file. I do not believe that any built-in sourcetype or extraction is going to handle this. I would approach this by pre-processing the logs. Many scripting languages have facilities to strip tags out of streams/files. It is probably something you could do with a SEDCMD or regex transform, but that may not be the best way to go.

Regards,
Sean

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...

Developer Spotlight with Mika Borner

From Hackathon Winner to Enterprise Leader    Mika Borner, CEO and Founder of Datapunctum AG, has been ...

Continue Your Federation Journey: Join Session 3 of the Bootcamp Series

To help practitioners build a stronger foundation, we launched the Data Management & Federation ...