Hi,
I am trying to replace the existing TA, which is the Symantec Syslog TA, with the Splunk-supported Symantec TA version 2.3.0.
Please advise how I can get this done in a proper way, because some of the field extraction regexes are different when comparing the Symantec Syslog TA with the Symantec TA.
Thanks.