OK - I'm a NUB here and experimenting with SPLUNK.
I have some log files that are saved in a TAB/Columned format.
[example: Logs_2013-05-17.txt
RecID TimeStamp ClientIPAddress ServerName ServerIPAddress ServerPort Method URIStem URIQuery Status UserName URLRoot
26405679 2013-05-17 01:35:05.000 67.190.82.148 HOMESITE 192.168.100.109 443 GET /sites/ter/_layouts/listfeed.aspx List=%7BD94F33B2%2DB09D%2D4EEA%2D8D14%2D0B8A1ACAC8B1%7D 401 NULL home3.mysite.com
26536158 2013-05-17 00:00:41.000 174.255.208.31 HOME-WWW 192.168.100.89 80 GET /styles/default.css NULL 200 NULL www.mysite.com
]
When I import it to Splunk I am not able to get it to recognize the fields and information correctly (EventBreaks)
How do I apply a "sourcetype" that will read these logs correctly?
... View more