Hello, I recently upgraded from Splunk 7.3.2 to Splunk 8.0.5 and I noticed that the newer version does not manage special characters in csv field names. As a simple exercise I created the following...
See more...
Hello, I recently upgraded from Splunk 7.3.2 to Splunk 8.0.5 and I noticed that the newer version does not manage special characters in csv field names. As a simple exercise I created the following csv saved with Notepad++ wtih UTF-8 encoding: timestamp;field_no_spaces;Field With Spaces;field_with_accented_a_à;field_with_degree_° 2020-01-01 10:00:00;value;value;value;value The field names in the header contain characters that are in my source csv: spaces, accented letters and a special character (in this case °). I followed the import wizard and left default settings in the "Set Source Type" section. Without making any changes, here is the difference between the versions: 7.3.2 8.0.5 As you can see, 8.0.5 doesn't seem to handle those characters as standard. I suspect that it might have to do with Python2 in 7.3.2 vs. Python3 in 8.0.5, but I'm not sure what to do. I browsed the corresponding version of props.conf, but I wasn't able to find anything useful. Would appreciate if someone could shed some light! Hopefully someone has faced this issue before me... Thank you and best regards, Andrew