Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Dev Tutorial question about "DESCRIPTION: AInterpidPanoramaofaMadScientistAndaBoywhomustRedeemBoyinAMonastery"

jcorcoran508
Path Finder
‎02-21-2022 06:28 AM

 

I have a question on the Dev tutorial as I am unable to figure the behavior or is the output expected under the

DESCRIPTION: AInterpidPanoramaofaMadScientistAndaBoywhomustRedeemBoyinAMonastery

All the words in “DESCRIPTION” are not delimited a by a white space , is the normal behavior ?

 

Module 1 of the Splunk>Dev tutorial 

https://dev.splunk.com/enterprise/tutorials/module_getstarted/

Set up the sample data bundle

To get the Eventgen sample bundle and send it to the devtutorial index, do the following steps:

  1. Go to https://github.com/splunk/eventgen/blob/develop/tests/sample_bundle.zip and click Download to download the Eventgen sample data file, sample_bundle.zip, to your computer.

 

 

 

DESCRIPTION

AInterpidPanoramaofaMadScientistAndaBoywhomustRedeemBoyinAMonastery

 

jcorcoran508_0-1645453520528.jpeg

 

Labels (1)
Labels
Tags (1)
0 Karma
Reply

tshah-splunk
Splunk Employee
Splunk Employee
‎02-21-2022 08:54 PM

Hey @jcorcoran508,

You can proceed ahead with further modules. The data seems to be perfect and not sure what is the need for delimiting a white space character in the description field. Also, I can see in the screenshot that the description field is properly extracted by the json sourcetype.

---
If you find the answer helpful, an upvote/karma is appreciated
0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

New This Month - Observability Updates Give Extended Visibility and Improve User ...

This month is a collection of special news! From Magic Quadrant updates to AppDynamics integrations to ...

Intro to Splunk Synthetic Monitoring

In our last post, we mentioned that the 3 key pieces of observability – metrics, logs, and traces – provide ...