Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Language for collecting logs

BRFZ
Communicator
‎07-04-2024 02:55 AM

Hello, 

I want to collect logs from a machine that is set to French. Consequently, the logs are generated in French, making parsing them difficult. Is it possible to collect logs from the machine in English while keeping the machine's language set to French ?

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎07-06-2024 05:02 AM

Your question has way too little data to be answered reliably.

First and foremost - what kind of data are you trying to ingest? What is the producer of said data? With some solutions it's possible to extract some standardized fields which can be used to analyze the data instead of plain-text description possibly indluded in further part of the event. But if the source is generating data in language A, the data is in A. For some limited use cases you could try to use static lookups to substitute text in language A for language B but that would be a nightmare to maintain. Using some translation service on search as @BRFZ suggested is certainly possible but would be hugely impractical and could introduce privacy issues when using external services.

0 Karma
Reply

shivanshu1593
Builder
‎07-04-2024 06:56 AM

There isn't an inbuilt feature in Splunk, which can do this. You can build a custom app with external lookups (scripts) and use something like google translate or other services to do this and transform your data.

To get started, you can disassemble this old app and then take it from there to build your own.

https://splunkbase.splunk.com/app/1609

Thank you,
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
0 Karma
Reply
Get Updates on the Splunk Community!

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...