Need to create a parser to parse vmware aria automation logs #2626 (Enhancement of sc4s) #2696
Comments
|
In my previous case, you recommend I present a packet capture of the ARIA operations pushing vcenter logs into Splunk. I have attached the pcap file for your review and pontential integration of ARIA logs in sc4sn the right format. This should prevent logs being sent to index=main and sourcetype=sc4s:fallback |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note: If your issue is not a bug or a feature request, please raise a support ticket through our support portal (Splunk.com > Support > Support Portal). This will help us resolve your issue more efficiently and provide you with better assistance. For more information on how to work with the Splunk Support, please refer to this guide.
What is the sc4s version?
Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support?
What the vendor name?
What's the product name?
If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events?
Do you have syslog documentation or a manual for that device??
Feature Request description:
Do you want to have it for local usage or prepare a github PR?
The text was updated successfully, but these errors were encountered: