Hello Splunk Community,
I am pretty new to Splunk and I have a use case where different subsets of logs are to be forwarded to different indexes from the same monitor location. For example all logs matching a pattern(like a regex) should go to index1 and all other logs should go to default index.
I found this Splunk documentation but this is forwarding logs from different monitor locations.
I have the following in inputs.conf..
inputs.conf [monitor:///<monitor-location>] index = <my-index> sourcetype = <type>
Can you please help?
... View more