Hi all,
Similar
This question is similar to
http://answers.splunk.com/questions/10093/teaching-splunk-the-fields-in-a-custom-log-format
but even more basic..
Note: Yes, RTM
The long term answer is RTM....in the meantime I'm brand new to splunk and would like to get this basic change up and running.
I've downloaded splunk, started it up, and index a vanilla apache access log. Great!
Requirement
Now I want to index an access log which has a few more fields (e.g. "response time in milliseconds"), ala http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html
What are the "quick start guide" steps to add these fields.
I've scratched the surface of the admin guide and hunted through the various .conf files..but didn't find anything obvious..
thanks
... View more