Hi guys,
Please pardon my ignorance here as I am new to Splunk. I am using Splunk 7.1 on a Windows server and forwarding syslog messages from a Linux server (j01ftc). Now, as you can see in the example below:
<0>Oct 18 14:49:51 j01ftc Oct 19 02:02:23 akl-ftc-sbc3b.vfnz-ipsn akl-ftc-sbc3b sipd05[4f] ERROR could not identify psipcontact
There are 2 issues. One is that the wrong timestamp is at the beginning of the message, and the 2nd is that the server name is added. I want to exclude both of these from my logs in Splunk, or at least fix the time in the event.