Hi ,

Is there any way I can simply have Plprdfinodm01 as my Source in Splunk which indicates JVM name?

D:\splunk\was\vxpip-ppm01\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm02\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm02\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm01\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm02\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm02\PIprdfinodm01\messages.log    
D:\splunk\was\vxpip-ppm01\PIprdfinodm01\messages.log
D:\splunk\waslp\vxpip-ppm02\PIprdfinodm01\messages.log