Application: Syslog Priority Decoder

Author: kbains	Date Added:	May 27, 2008	Flag as Miscategorized Mistyped Inappropriate
Downloads:205	Last Updated:	May 27, 2008
Type: Search Commands	License:	Creative Commons
Type: Search Commands	Price:	Free

Version: 1.0

this searchscript converts syslog priority into the appropriate severity and facility.

Download the script into $SPLUNK_HOME/etc/searchscripts
Make sure the script has the right permissions and owner
If using the enterprise version make appropriate changes to authorize.conf and commands.conf (making sure to turn off headers: enableheader = false)

example commands.conf:

[syslogpri]
filename = syslogpri.py
enableheader = false

example authorize.conf:

[capability::run_script_syslogpri]

[role_Admin]
run_script_syslogpri = enabled

sourcetype=syslog | syslogpri

(1 vote)

Preview Application: