I'd like to run a script based on a pattern match in a particular logfile. Ordinarily I'd do this with an alert, but I can't do that because— I'm using Splunk Cloud so I can't easily run a script from an alert as I would if we were hosting everything ourselves; and the script will need to call services that are only present on our corporate network. Is there any way of getting the forwarder to run the script when a particular pattern matches? Or is there another approach that I could try? ... View more

I have a data source that is very noisy, and I'd like to exclude certain messages from that source from indexing in my Splunk Cloud instance. I see from this answer that it's possible to filter out certain messages by editing config files in a self-hosted Splunk instances. How do I accomplish the same thing in Splunk Cloud? I'm guessing that it involves adding a field transformation from the GUI, but I don't understand how to complete the form when I just want to throw away messages that match my regex. (I don't have enough points to post a link, sorry about that) ... View more