hello
I want to create a new sourcetype from the csv file below
https://www.cjoint.com/c/IHvhvr2JHYh
I dont want to collect the logs between line 1 and line 561 and I just need to collect the logs from line 562
More, I need to create a new field called "flagname" for being able to extract piece of logs like TEST-TOUPDATE.$w$ (in red color in the csv file, line 562)
so what I have exactly to do in advanced parameters to do this??
thanks in advance
check out these answers:
for header line if necessary:
https://answers.splunk.com/answers/699899/in-a-csv-file-can-you-help-me-skip-the-first-few-l.html
for ignoring lines:
https://answers.splunk.com/answers/11512/how-to-not-index-first-x-lines-in-csv-file.html
check out these answers:
for header line if necessary:
https://answers.splunk.com/answers/699899/in-a-csv-file-can-you-help-me-skip-the-first-few-l.html
for ignoring lines:
https://answers.splunk.com/answers/11512/how-to-not-index-first-x-lines-in-csv-file.html
It doesnt help me a lot but i am going to find a good way