Versions Compared

Old Version 4

changes.mady.by.user Admin

Saved on

compared with

New Version 5

changes.mady.by.user Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Lamaxu Source Types

The following source type need to be added to your SPLUNK props.conf file in order to correctly recognise the timestamp fields in the log file. Alternatively you could manually create the source types using the red highlight values as a guide to defining the timestamps.

Info
NOTE: You'll need to adjust the TimeZone TZ value to reflect your region in the props.conf file. Valid values can be found here, https://en.wikipedia.org/wiki/List_of_tz_database_time_zones

{SPLUNK_HOME}/etc/apps/search/local/inputs.conf

...

[monitor:///app/lamaxu/logs/statsData.log]
disabled = false
sourcetype = qmResetQStats_json

...

Include Page
Lamaxu Source Types
Lamaxu Source Types

Log File Data Formats

Include Page
Logging Data Processor
Logging Data Processor

...