Hi, I'm quite new to Splunk.
I have imported a few Nessus files into Splunk using the add-on; however, the start_time and end_time fields are not converted to timestamp fields as per the config (eventgen.conf) file.
The timestamp field shows "none" and the start/end_time fields are considered as strings.
I have tested the regular expression in the default file, and it matches.
Please assist.
Thanks