Hi Team,
We got a requirement to ingest logs from Azure storage blob so we have installed the Splunk_TA_microsoft-cloudservices (3.1.0) version and configured the inputs for the same.
Based on that logs are getting ingested into Splunk, and during configuration, we have provided the input information for the index as "xyz" and source type as "abc".
So when we searched the data in Search & Reporting app with index as "xyz" we are able to see the data, which is in JSON format, and the logs are getting ingested with two source types.
Since the requested team were passing the logs with two source type in Splunk Cloud (i.e. "abc" and "def").
Actually, we have created the Azure Storage blob with “abc”.
So now to search the data which comes with "def" alone.
So we need the search for the same.
... View more