Hi,

I'm trying to route data to different indexes and sourcetypes based upon hosts coming, but getting errors, and uncertain why. The errors are:

Undocumented key used in transforms.conf; stanza='ise2_index_override' setting='DEST_KEY' key='MetaData:Index'
Undocumented key used in transforms.conf; stanza='ise_index_override' setting='DEST_KEY' key='MetaData:Index'
Undocumented key used in transforms.conf; stanza='pep_index_override' setting='DEST_KEY' key='MetaData:Index'
Undocumented key used in transforms.conf; stanza='pf_index_override' setting='DEST_KEY' key='MetaData:Index'

Inputs (udp feed)
[udp://10515]
connection_host = dns
index = main
sourcetype = temp10515_syslog

Props.conf:
[temp10515_syslog]
ANNOTATE_PUNCT = false
KV_MODE = AUTO
LINE_BREAKER = ([\r\n]+)
NO_BINARY_CHECK = 1
SHOULD_LINEMERGE = false
TRANSFORM-10515sourcetype_and_index_override = ise2_index_override, ise2_sourcetype_override, pf_index_override, pf_sourcetype_override

Transforms.conf:
[ise2_sourcetype_override]
DEST_KEY = MetaData:Sourcetype
REGEX = (%ISE)
FORMAT = sourcetype::cisco:ise:syslog

[ise2_index_override]
DEST_KEY = MetaData:Index
REGEX = (%ISE)
FORMAT = network90

[pf_sourcetype_override]
DEST_KEY = MetaData:Sourcetype
REGEX = (%PF)
FORMAT = sourcetype::netscreen_syslog

[pf_index_override]
DEST_KEY = MetaData:Index
REGEX = (%PF)
FORMAT = network