Is there any more documentation on how to use the jira.conf file? The documentation only says
"Configure which keys to display in the table with the keys, time_keys, and custom_keys fields."
I am running the command | jira issues 22618 | table Key Summary Assignee Created "Affected Systems"
Assignee is coming out as a multi field value, all i really want is displayName.
The following regex works
| jira issues 22618 | rex field=Assignee ".\"name\": \"(?\w+)\""| rex field=Assignee ".\"displayName\": \"(?[^\"]+)\"," | table Assignee_userid Assignee_displayName Assignee
Is this something I can configure with the jira.conf file or should I run the regex ?
hey @jennjoe1
According to my experience,If your search is not heavy time/process consuming then I think it is better not to touch .conf
files .
but you want to do that then you should make changes in props.conf
and transforms.conf
in a local directory of jira i.e. jira/local/
copy the file from default
and make changes in local
Use normal method to extract fileds refer below link:
https://answers.splunk.com/answers/5960/extract-a-field-from-event-source-filename.html
https://answers.splunk.com/answers/574532/splunk-add-on-for-jira-setup.html
Let me know if this helps!