I can't say that I'm familiar with how file scraping operations work in Splunk for this case.
For my current case, I made a new UDP input to take in the logs:
[udp://7227]
connection_host = dns
sourcetype = cisco:acs
no_appending_timestamp = true
(Sorry for the really late reply ... I haven't been doing much Splunking in the last year or three.)
Awesome, that definitely got my results as I expected them. Thank you so much! Can you point me to a document that will help me to export the dataset to a CSV with the User_name and the _time?