How to export logs from Splunk Enterprise with "host", "source" and "sourcetype" fields ?
And how to import these logs into other Splunk Enterprise instance correctly ?
I'm trying to export Windows logs from my current Splunk instance and save it for future usage or upload into other Splunk.
Using "Export" button i can only export raw logs without necessary for me fields("host", "source" and "sourcetype")
Good example is ButterCup Games training logs in Splunk documentation. I need to get something like this.