I am new to Splunk and working on getting logs from macOS clients (10.10-10.13). Forwarding is working, but one of the logs I am trying to monitor is /var/log/jamf.log, and it is having trouble with dates. Example of the types of entries in this log:
Sat Jul 5 11:01:17 <username> jamf[14239]: Checking for policies triggered by "every15"...
For some reason the JAMF log doesn't include the year in its date stamps. The last time July 5th fell on a Saturday was 2014, and this log was forwarded right around 11:01:17 on July 5th 2018.
Even weirder is that I just noticed it is now showing me events from 7/7/18 (the current date is 7/5/18). Screenshot below shows that.
What is happening?