We just installed Splunk this week (YAY!) and are trying to get our Apache logs digesting to start building dashboards. Our web store uses a modified Apache Access log format that looks like this in our www.conf: %h %l %u %t %V \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %U %q I know that none of the extractions provided by access_combined or apache:access (Apache Addon) seem to work because they're looking for the default format, but I'm a little confused on how to help them recognize our format. I see the extractions listed, but they don't look like regular regexes that I've seen. How would I go about changing them to match our formatting? Appreciate any help! ... View more