×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
apchristie
Explorer
Member since: ‎01-08-2014
‎09-15-2021
Community Statistics
Posts 3
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎01-08-2014
Activity Feed
View All

Re: Using a universal forwarder to filter the Mess...

by in Getting Data In
‎03-25-2014 01:41 PM
‎03-25-2014 01:41 PM
Thank you. The issue was we had not put the entry in the correct inputs.conf file. Thank you for the help it was easy to spot with that command. ... View more

Re: Using a universal forwarder to filter the Mess...

by in Getting Data In
‎03-24-2014 02:27 PM
‎03-24-2014 02:27 PM
The quoted text was added to the inputs.conf file. Sorry didn't say that in the original. ... View more

Using a universal forwarder to filter the Message ...

by in Getting Data In
‎03-24-2014 02:17 PM
‎03-24-2014 02:17 PM
Hello, We are trying to cut the message field out of all of the Windows Security Logs coming from our domain controllers. I have tried looking though some of the other answer posts and I have tried using this article where you put [WinEventLog:Security] disabled = 0 suppress_text = 1 However I am not sure exactly what that references to remove data from the log. I know older answers said you could use a regex on the props.conf and transforms.conf file but I wasn't sure if that was still the best way for Splunk 6. All that said to really say could anyone help with removing the Message text from Windows Security Logs. Thanks in advance! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎09-15-2021 04:51 PM
Karma given to
View All