Hello,
I have configured two network devices (cisco router and fortigate firewall) to send logs to Splunk server via udp port 514 .I can successfully see all the raw logs but particular apps wont show any data because the sourcetype doesnt match.I cant define different sourcetypes to same udp port in "data inputs".How can I overcome this issue ?
... View more