Hey all, I'm having a difficult time trying to understand how FTS works in the decoder.xml. Order makes sense to me of course, but how does FTS tie in with all this?
Can someone give a run-down? With FTS, is it possible to reassign/ specify a hostname other than the host the event was discovered on? I'd like to assign the hostname/location per a portion of the log being analyzed. TIA!
