So I have a log file that has a unique format similar to the following
==============================================
==============Summary=========================
Total Memory: 8834798374
Cached: 39399
...
===============up time=========================
19:00:20 up 5 days, 8:53
=================memory========================
USER PID COMMAND MEM%
root 2919 /bash 9
root 2023 top 14
Based on what I've read in the documentation and the posts, it looks like I can either write a very sophisticated sourcetype or just write a separate pre-processing script to properly parse the data and output it into a friendlier format for the engine. My question is am I missing something or are these my only realistic options?
... View more