Hello I'm using Splunk cloud, i have jenkins logs indexed to my system but for some reason breaks I took an output example and add it to Splunk with the "Add Data" option and there it looks ok but when im searching for the sourcetype it is still broken. What is the best way to parse jenkins logs ? this is my sourcetype configuration :   [ console_logs ] CHARSET=UTF-8 LINE_BREAKER=([\r\n]+) NO_BINARY_CHECK=true SHOULD_LINEMERGE=true category=Structured disabled=false pulldown_type=true   and i want it to be shown with the bulks :   <time> Started by user <time> Finished:    

Hello, I'm currently exploring the integration of Splunk with SAP Analytics Cloud for our data analysis and visualization needs. While I've found some documentation on the topic, I'm looking for practical advice and insights from those who have successfully implemented this integration. Specifically, I'd like to know: What are the key considerations when setting up the integration between Splunk and SAP Analytics Cloud? Are there any best practices or recommendations for optimizing data transfer and visualization between the two platforms? How can I ensure that real-time data from Splunk is effectively utilized in SAP Analytics Cloud for timely decision-making? Are there any common challenges or pitfalls I should be aware of during this integration process, and how can I mitigate them? I have checked  https://community.splunk.com/t5/Community/ct-p/en-us/SAP Analytics Cloud Course for guidance.  If you have experience with this integration or can point me to valuable resources, I would greatly appreciate your insights. Thank you!

Dear All, I have a dashboard with Choropleth map presenting established connection from various countries. | index=*** sourcetype=***  bla bla  | bla bla bla | iplocation IP | table Time Username IP Country | stats count by Country | eval count=case(count < 10, "1:Less than 10", (count > 10 AND count <= 20), "2:Between 10 to 20", (count > 20 AND count <= 50), "3:Between 21 to 50", (count > 51 AND count <= 100), "4:Between 51 to 100", (count > 100 AND count <= 500), "5:Between 101 to 500",(count > 500), "6:More than 500") | sort +count | geom geo_countries featureIdField=Country   In the legend, I see colours with the count of established connections. May I edit the legend in a way that the name of each country will be shown up and along with count? I have spent many days googling but unfortunately I am unable to get the answer. I also tried with Cluster Map visualization, but unfortunately, no luck for me. Thank you very much in advanced for your advices. | index=*** sourcetype=***  bla bla  | bla bla bla | rename ext_device as VPN, ext_when as Time, ext_Username as Username, ext_IP_addr as IP | iplocation IP | geostats count by Country