Application: Syslog Priority Decoder
Description
This search script converts the syslog priority into the corresponding severity and facility.
- Download the script into $SPLUNK_HOME/etc/searchscripts.
- Make sure the script has the right permissions and owner.
- If using the enterprise version, make the appropriate changes to authorize.conf and commands.conf (making sure to turn off headers: enableheader = false).
- Pipe search results to syslogpri:
sourcetype=syslog | syslogpri
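
The decoding itself, as an added example that is not the application's own script: the syslog PRI value is facility * 8 + severity (RFC 3164 / RFC 5424), so the two fields are recovered with a shift and a mask. The function names, the short facility keywords and the sample lines are assumptions made for this illustration.

```python
import re

# Conventional short keywords for the numeric codes in RFC 5424, section 6.2.1.
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
    "local0", "local1", "local2", "local3",
    "local4", "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

# PRI is 1-3 digits in angle brackets at the very start of the message.
PRI_RE = re.compile(r"^<(\d{1,3})>")


def decode_pri(pri):
    """Split a numeric PRI into (facility, severity); None if out of range."""
    if not 0 <= pri <= 191:  # 24 facilities * 8 severities
        return None
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7]


def decode_line(line):
    """Return pri/facility/severity for a raw syslog line, or None."""
    m = PRI_RE.match(line)
    if not m:
        return None  # no PRI header: leave the event undecoded
    pri = int(m.group(1))
    decoded = decode_pri(pri)
    if decoded is None:
        return None  # malformed PRI: do not guess a facility
    return {"pri": pri, "facility": decoded[0], "severity": decoded[1]}


# Constructed sample lines (hypothetical, for illustration only).
SAMPLES = [
    "<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1",
    "<165>Aug 24 05:34:00 host2 app[123]: config reloaded",
    "<999>Jan  1 00:00:00 host3 bogus: priority out of range",
    "Jan  1 00:00:00 host4 sshd[1]: no priority header",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(decode_line(sample), "<-", sample[:40])
```

Lines with a missing or out-of-range priority return None rather than a guessed facility, so malformed events stay visible as undecoded instead of being misfiled.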