×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Splunkuser1103
Engager
Member since: ‎11-22-2024
‎03-19-2025
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎11-22-2024
Activity Feed
Topics I've Started
View All

Re: Syslog messages ingestion

by in Getting Data In
‎11-24-2024 10:50 PM
‎11-24-2024 10:50 PM
Thanks @PickleRick , it worked! It was the issue with the order of transforms as you pointed, I have adjusted it and now I am able to filter out only the Filter out specific events and discard the rest. ... View more

Syslog messages ingestion

by in Getting Data In
‎11-22-2024 11:49 AM
‎11-22-2024 11:49 AM
Hello Team, I have forwarded syslogs to Splunk Enterprise, I am trying to find a way to create props.conf and transforms.conf such a way that Splunk ingests all the messages which matches the keywords that I have defined in a regex in transforms.conf and drop all the non matching messages however I am not able to do the same. Is there a way to do that or does transforms and props.conf only work to drop the messages which are defined in the regex as currently if I try to that Splunk is dropping only the keywords that I defined and ingesting everything else. I am new to splunk so requesting some inputs for the same. Thanks in advance!! ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎03-19-2025 07:40 AM
Karma given to
View All