09-17-2014 18:00:01.024 DATA MESSAGE RCVD FROM:W228707 DATA:POLL\x04
09-17-2014 18:00:01.024 DATA MESSAGE RCVD FROM:NOCTMDS-A20 DATA:POLL
09-17-2014 18:00:01.024 DATA MESSAGE RCVD FROM:W203911 DATA:POLL\x04
09-17-2014 18:00:01.055 DATA MESSAGE RCVD FROM:W231427 DATA:POLL\x04
09-17-2014 18:00:01.071 DATA MESSAGE RCVD FROM:W211499 DATA:POLL\x04
09-17-2014 18:00:01.087 DATA MESSAGE RCVD FROM:W231259 DATA:POLL\x04
This is the log file I am indexing. and I would like to make it so that when I index it, the timestamp is what determines when a new event occurs. In the data above, the first 3 lines is one event, and the last 3 lines are all indepedent events. I for the life of me, haven't been very successful with this... I've tried a couple of different methods using the Data previewer and setting my line breaks, but I cannot get it to do it correctly. I know this is a very simple thing, so I was wondering if someone could rattle off the solution, and be my easy button.
Thanks
... View more