Hi,
I have 3 different log files and there are 8 different formats in them. All formats have the same fields in them (cpu, memory etc.) and regex is similar. Hence, based on the system name, I s...
I am attempting to extract 2 fields that are structured the same in an event, however represent 2 actions. One represents a query, the other a response for DNS data.
Here is a sample e...
Need your help,
We have this below format of log and need to assign sourcetype to extract the fields. Can you please provide the working regex to include this in transforms.conf?
2015-08-0...
We have the below Apache log format in our Apache conf
LogFormat "%{True-Client-IP}i %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D \"%{x-wily-servlet}o\""
This is log...
Good afternoon,
I have some syslog data coming into Splunk. I am trying to write the props and transforms to add the field extractions and want to make sure I am doing it the best way.
Q...
I have some logs from a media server that are all formatted in a consistent way, making field extraction creation very easy. I have created the same group of field extractions numerous times b...
...s delimiter, hence the problem.
How can I auto extract all the KVs from JSON string for the above case? I want to put in transforms.conf for auto extraction of all the KVs from JSON string...
Hi,
I need help to extract some fields from the below log format. (I'm so bad at this).
Oct 11 16:06:24 123.12.123.12 SVPN-USR[29489]: {"id":"6767676767","msgid":"6767676767","userInfo":{"u...
...ueue = parsingQueue
The issue is, no field extractions take place for the events I put in by this method, but they do work for events collected locally via the [WindowsEventLog:Application] in t...
Hi,
I have written a DirXML driver that audits specific attributes that change and writes syslog using log4j. The format I employ is always {attribute:nameOfAttribute} {qualified-src-d...