Multi-field extractions in Splunk
Posted by Marc Huffnagle on Jun 13, 2011 in Infrastructure

As a SysAdmin, one of the cooler tools that I’ve worked with is Splunk. A project I’m on indexes absolutely every log that it generates into Splunk, from firewall logs to system logs to custom application logs. Splunk does an excellent job of identifying the format of the data we ingest and automatically extracting fields for log types that it knows about. Our custom application...
