-
Notifications
You must be signed in to change notification settings - Fork 107
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Need custom parser to filter the vcenter logs #2553
Comments
Here is what you can refer to: If you are still facing an issue with creating a parser please create a support ticket so that we can collect all the necessary information like sample logs to further assist you. |
Currently, we are receiving over 100 different source types of logs into Splunk, but the user wants the logs below. Sourcetype: vmware:vclog:vpxd Can you please provide the sample parser for this? |
Hi @mpaidela
Please make sure to restart your sc4s service after making these changes. |
Thank you @cwadhwani-splunk can you please provide the sample parser to filter nix logs with source? |
Hi @mpaidela I am closing this GitHub issue as the initial request is fulfilled. |
What is the sc4s version? 3.27.0
Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support?
What the vendor name? Vmware
What's the product name? vpshre
If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events?
Do you have syslog documentation or a manual for that device??
Feature Request description:
Do you want to have it for local usage or prepare a github PR?
we have ingested vcenter logs into Splunk using sc4s, but user wants to drop some unwanted logs.
Could someone please assist us in creating a Custom parser?
The text was updated successfully, but these errors were encountered: