Hi,
at search time I like to pase the key-value pairs inside the message and would like to have the whole message in a field:
log-line:
message="serial="57896" name="test" loc="there""
Per default splunk parses like:
message=serial=
name=test
loc=there
How to get this?
message= serial="57896" name="test" loc="there"
serial=57896
name=test
loc=there
