--input.conf

[monitor:///etl/issrdr/scripts/tst/splunk/input/updates.csv]
index=iss-rdr

--props.conf

[source::/etl/issrdr/scripts/tst/splunk/input/updates.csv]
CHECK_FOR_HEADER=TRUE

---updates.csv

TIME_STAMP,TRANSACTION_ID,ENTITY_NAME,ERROR_MESSAGE
2010-04-21 06:12:37,000002137520,INSTRUMENT_COMMENT,value too large for column 
2010-04-21 06:13:07,000002137521,INSTRUMENT_COMMENT,value too large for column 
2010-04-21 06:13:20,000002137522,INSTRUMENT_COMMENT,value too large for column 
2010-04-21 06:12:37,000002137520,INSTRUMENT_COMMENT,value too large for column