Version 6.1
search sourcetype=syslog results in a page with a left column and main view. The left column is filled with Selected Fields, host (7) / source (1) / sourcetype (1), followed below by Interesting Fields: Date_hour, Date_mday, date_minute, date_month, etc.
My main view window lists i, time and event columns, with a slew of info within those columns.
Various things like
uplink is eth0
ace_reporter.reporter_inform_send(): connect (http://ip:8080/inform, ip=192...) in progress.
infctld.mcast_beacon()uplink-monitor.update() prev observation is eth[eth0]