cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
jm8thew
Engager
Member since: ‎11-02-2012
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎11-02-2012
Activity Feed
View All

Parsing dynamic fields when indexing from script?

by in Getting Data In
‎11-08-2012 01:25 PM
‎11-08-2012 01:25 PM
I'm new to splunk and I'm trying to import some data from a database that I'd like to have indexed by Splunk. I have a script that returns the info from the database in column name = value pairs. However, some of the column names and values have spaces in them, which seem to mess with Splunk's ability to extract field names. Putting quotes around the column name and value didn't work. Replacing spaces with underscores works, but that is not an ideal solution. Using the MySQL Connector app I'm able to view the database as it is, but I can't maintain historical data. So how does Splunk decide what is a field and what isn't beyond simple field=value pairs? Can I do something so that it will accept spaces in the field names from the script data? Can I change the way my script outputs data (currently columnname=value for every row) so that it captures the column name and values properly? Is there a way to use the MySQL Connector app for monitoring changes in my database? Thanks ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All