×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
herat420
New Member
Member since: ‎05-14-2013
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-14-2013
Activity Feed
View All

Splunk 6.0 removing syslog priority fields

by in Getting Data In
‎10-31-2013 02:03 AM
‎10-31-2013 02:03 AM
Dear sir I have read all information on the Splunk answers. but I couldnt find any solutionn for my situation. I am new in the world of splunk and splunk is running in test lab. I can forward syslog to splunkm but splunk remove priority fields from syslog. I have add the following code in the inpust.conf file and restart the splunk, but it didnt solved my problem. C:\Program Files\Splunk\etc\system\local\inputs.conf [udp://514] no_priority_stripping = true I tried also this location: C:\Program Files\Splunk\etc\apps\search\local\inputs.conf [udp://514] no_priority_stripping = true Would anyone please tell me if am i configuring in the worng place? If anyone can help me I would apprecaite that. thanks in advance Best Rrgards, Herat ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM