We have a bunch of windows machines running Splunk Universal Forwarders (don't ask why just know that this is how it is happening), and are presently sending their output info Graylog 2, as Raw/PlainText, my only option in this case, unless you know of a better way while still using the Splunk Universal Forwarders. So my question is how to parse/build an extractor, any advice as I want to be able to deal with my data as I would if it cam in via a non RAW format.
Thanks in advance for Any Wisdom. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/9f493838-2605-4ed2-86dc-fa5db7f62bf3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
