I have a logs stored in splunk and they are of sourcetype=test, but I recently found this app that parses these type of logs but it needs a different sourcetype (sourcetype=good_type) to parse them. I tried sourcetype renaming but it only changed the name of the sourcetype but the logs did not get parsed by the app.
... View more