Splunk Search

How do I convert binary files to human readable format?

prakash007
Builder

I'm getting this error in Splunk:

04-13-2016 11:13:58.607 -0500 WARN  FileClassifierManager - The file '/opt/wasserver/server/server01/log/server.log' is invalid. Reason: binary
04-13-2016 11:13:58.607 -0500 INFO  TailReader - Ignoring file '/opt/wasserver/server/server01/log/server.log' due to: binary

I tried this setting NO_BINARY_CHECK = true, where I can avoid the error above, but I'm looking to convert the binary data to human readable format.

Any help would be appreciated. Thanks..!!

0 Karma
1 Solution

lguinn2
Legend

The only way to convert a binary file to human-readable format is to understand exactly how the binary file was written. So the easiest way to do this is to figure out which software wrote the file - and then see if there is a similar program that can read the file. Translate the binary file to a new text file, and then use Splunk to monitor the text file.

There is nothing you can do in Splunk to convert the file from binary.

View solution in original post

0 Karma

lguinn2
Legend

The only way to convert a binary file to human-readable format is to understand exactly how the binary file was written. So the easiest way to do this is to figure out which software wrote the file - and then see if there is a similar program that can read the file. Translate the binary file to a new text file, and then use Splunk to monitor the text file.

There is nothing you can do in Splunk to convert the file from binary.

0 Karma

prakash007
Builder

Thanks..will try to find a program which reads the file.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...