Hi,
We just started working on Splunk. We have a single log file with multiple XMLs with line breaker ####################### as below (Build with same schema). We need some help on configuring XML tags as search parameter.
<?xml version='1.0'?>
<Log>
<HOST>127.0.0.1</HOST>
<DATE>10-04-2016T12:12:12</DATE>
<TRANSACTIONID>OpportunityId</TRANSACTIONID>
<TRANSACTIONVALUE>dsd767dsdkXSAre</TRANSACTIONVALUE>
<APPLICATION>QuoteSync</Application>
</Log>
#######################
<?xml version='1.0'?>
<Log>
<HOST>127.0.0.1</HOST>
<DATE>10-04-2016T12:12:12</DATE>
<TRANSACTIONID>OpportunityId</TRANSACTIONID>
<TRANSACTIONVALUE>dsd767dsdkXSAre</TRANSACTIONVALUE>
<APPLICATION>QuoteSync</Application>
</Log>
Thanks,
Vinay
... View more