This is logs from NAC device.

Sep 14 13:57:53 X.X.X.X 2012-09-14 13:57:52 INFO 109 X.X.X X.X.X.X 00:24:54:94:40:01 \xB3\xD7Ʈ\xBF\xF6ũ\xC1\xA4å \xC7\xD8\xC1\xA6\xB5\xCA. ................

Now, we did setting CHARSET = EUC-KR in props.conf .

CHARSET = CP949

SHOULD_LINEMERGE = False
CHARSET = EUC-KR

But , We cannot see korean CHAR on splunk.
How can I change CHARSET to see to korean character?

Could you tell me what is setting of charset ?