cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
drivascordero
Splunk Employee
Member since: ‎02-22-2021
‎11-24-2022
Community Statistics
Posts 1
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎02-22-2021
Topics I've Started
No posts to display.
View All

Re: eNcore eStreamer 3.6.1 fieldalias not being ap...

by Splunk Employee in All Apps and Add-ons
‎04-26-2021 08:30 AM
‎04-26-2021 08:30 AM
I got the same issue but with eStreamer 4.2 and 4.0. If you are using Splunk 7.2 or later, there is a limitation you can't use two field aliases for the same field. Take a look into signature aliase: cisco:estreamer:data : FIELDALIAS-estreamer_intrusion_signature cisco:estreamer:data : FIELDALIAS-estreamer_malware_signature   You need to remove the overwrite on both Field Aliases.   Regards, ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎11-24-2022 05:55 AM
Karma given to
View All