I have log files that do not have a key - value format. The first part of each event is like this:
2013/11/25-17:09:08[32:31.928] however there is nothing in the log file setting this as "time" event.
When I go to import these log files splunk indexes them as the time of the import. Is there something I can do to have splunk tack the first string in the log as the time stamp?
... View more