Re: Btool multiline values don't have the '\' betw...

nwales · ‎04-28-2015

Running btool to create a combined config file from default and local doesn't give me a working config file because the line continuation marks are missing:

A search in the existing savedsearches.conf looks like:

search = source="/path/to/logfile.log" checkoutId (checkoutWithVas OR checkoutWithNoVas)\
| regex "checkoutId=[\w\d-]{32}" \
| rex "Domain: (?[\w\d.]+) Path:"\

While the output of btool looks like:

search = source="/path/to/logfile.log" checkoutId (checkoutWithVas OR checkoutWithNoVas)
| regex "checkoutId=[\w\d-]{32}" 
| rex "Domain: (?[\w\d.]+) Path:"

Any way to make them magically appear?

nwales · ‎05-14-2015

I tried that, worked this problem out when splunk complained about the config I had dumped to file.

woodcock · ‎05-12-2015

Try dumping it to a file; it is possible that the terminal process is eating them when displaying to STDOUT.

Btool multiline values don't have the '\' between lines that conf files have. How do I make them appear?

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!