cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
uwehermann
Engager
Member since: ‎07-15-2019
‎12-03-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 9
Karma Received 0
Member Since ‎07-15-2019
Activity Feed
Topics I've Started
No posts to display.
View All

Re: break a json log

by in Getting Data In
‎09-11-2020 06:23 AM
‎09-11-2020 06:23 AM
Well, depending on the formatting of the json log files, you at least need the following in props.conf: SHOULD_LINEMERGE = false If the data is not prettyprinted, the following should help: LINE_BREAKER= \}(,)\{ If the data is prettyprinted, the following may be used to allow for whitespaces between the comma and the curly brace: LINE_BREAKER = \}(,\s*)\{ ... View more

Re: Splunk with reverse proxy. After Authenticatin...

by in Security
‎02-06-2020 01:00 AM
‎02-06-2020 01:00 AM
What software/hardware are you using as a reverse proxy? And how is that set up? Any info on what is inside the following two files could also be helpful. $SPLUNK_HOME/var/log/splunk/web_access.log $SPLUNK_HOME/var/log/splunk/web_service.log Also the logfiles for the reverse proxy could be helpful. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎12-03-2020 07:48 AM
Karma given to