Hi,
I need to apply field extractions across multiply files. They are the same type files but slighly labled differantly such as: messeges, messeges-1, messeges-2, messeges-3,....messeges-13, etc.... Currently I have to apply the same field extractions to each one and its creating lots of work. I dont see any options in Splunk to apply to multiple sourcetypes. I tried reading post with similar issues but all seem to have differant solutions and left me really confused. If you have a rock solid solution please let me know. Thank you a head of time.
Jason
... View more