I am trying to parse pfsense 2.3.4 firewall logs in splunk, but I am not able to extract the fields properly.
I tried changing the props and transforms config files as stated here: http://blog.basementpctech.com/2012/02/splunk-and-pfsense-what-pair.html
But its not working for me. Can anyone help regarding this.
host =10.10.4.3 source =udp:514 sourcetype =syslog